Digital Ocean floating IP deleted, Lets encrypt SSL not working anymore


All my websites with LE SSL encryption were working fine. I have deleted my Digital Ocean Floating IP as I don’t need it, and now I have only one website working with the LE SSL encryption.

By deleting the floating ip, I changed my ip address. And I had to specify the new IP address on the A records of the domains.

So I have relaunch the command :

/opt/letsencrypt/letsencrypt-auto --apache --renew-by-default -d -d -d certonly

But the LE SSL encryption still doesn’t work for

I don’t know what to do. When I try to go to it tells me with Firefox Error Code : SSLERRORBADCERTDOMAIN .com uses an invalid security certificate. The certificate is available only for the domains:,,

Indeed my LE SSL encryption is working for

What can I do ? What do I have to check ?

Do you need to know the name of the websites I am talking about ?

Thanks for your help.

Found !

I had to change the apache config file /etc/apache2/sites-available/

<IfModule mod_ssl.c>
<VirtualHost *:443>


<IfModule mod_ssl.c>
<VirtualHost XXX.XXX.XXX.XXX:443>

Where XXX.XXX.XXX.XXX is my public ip address.

The question is, why was it working like that before deleting my Digital Ocean Floating IP and by the way, changing my server public IP address ?

Anyway, it’s working fine now :smile:

Shouldn’t be necessary. See also:

Yes Osiris :open_mouth:
But I had to, maybe it worked again because I launched the command service apache reload

No clue!

@defacta: It sounds like you may not have correctly configured ServerNames and ServerAliases for each of your hostnames, and Apache is defaulting to using a certificate that does not match the site you are visiting. Can you run:

egrep -r 'ServerName|ServerAlias' /etc/apache2

Also, it would be much easier to assist you if you provide the real hostnames of your sites. It’s harmless to post them here.

Hello jsha,

Here is part of the result of egrep -r 'ServerName|ServerAlias' /etc/apache2 :

/etc/apache2/sites-available/        ServerName
/etc/apache2/sites-available/  ServerAlias
/etc/apache2/sites-available/  ServerAlias is a website for which LE SSL encryption was not working anymore after changing IP address (deleting the Digital Ocean floating IP).

If I don’t show the name it’s because I don’t want a Google search showing this community page.

There’s your problem: You don’t list as a ServerName or ServerAlias, so Apache is using whatever certificate it considers “default.”

Yet, I have this virtual host which has not been affected by the change of IP:

/etc/apache2/sites-available/          ServerName
/etc/apache2/sites-available/          ServerAlias

So what do I have to check ? Inside the config file of I have:

<VirtualHost *:443>


                DocumentRoot /home/anotherwebsite/public_html
                ErrorLog /var/log/virtualmin/anotherwebsite.com_error_log
                CustomLog  /var/log/virtualmin/anotherwebsite_access_log combined

There is still *, no IP address. And it’s working.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.