Do not certificate for both www and without www


#1

Greetings,

I ran into a problem with the let’s encrypt certificate, its working fine for the www and it autorenew flawless (this 31/12/2018) but we just notice it that without www, it do not work, this problem could be running from the start, 4 months ago but we just notice it.

There is any way to recertificate for both?

My domain is: cloudworldwideservices.com

My web server is (include version):WordPress 5.0.2

The operating system my web server runs on is (include version): Ubuntu 12.04-x86_64

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): wp-admin and shell


#2

Hi @JavierF

that’s the problem using only a browser. Browsers cache good 301 redirects, so the user doesn’t see some sites.

Your redirects are good, but your certificate

CN=www.cloudworldwideservices.com
	31.12.2018
	01.04.2019
	www.cloudworldwideservices.com - 1 entry

has only one domain name. Create one certificate with two domain names - cloudworldwideservices.com + www.cloudworldwideservices.com.

If you use certbot, then --d www.cloudworldwideservices.com --d cloudworldwideservices.com should work.


#3

Thanks for the reply Juergen

this was the input:
certbot --d www.cloudworldwideservices.com --d cloudworldwideservices.com

And this the output

certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] …

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: ambiguous option: --d could match --dns-route53, --dns-sakuraclo ud, --delete-after-revoke, --domains, --duplicate, --dns-digitalocean, --dns-ovh , --dns-dnsimple, --disable-renew-updates, --domain, --debug, --dns-google, --di sable-hook-validation, --debug-challenges, --deploy-hook, --dns-gehirn, --dialog , --dns-dnsmadeeasy, --dns-cloudflare, --dns-nsone, --dry-run, --dns-linode, --d ns-rfc2136, --dns-cloudxns, --dns-luadns

Seems it do not recognice the --d as correct, im a bit new with certbot so im sure i did something wrong


#4

You have to add your other commands.

There was no information in your topic how you have created the certificate.

So do the same - but with the additional domain.


#5

It should be -d with one hyphen instead of two :slight_smile:


#6

Yep, sorry - now I’ve reread the doc: --domain or -d


#7

Thanks for the replies again,

Yes , with that the command worked but with this error

[Errno 13] Perminision Denied: ‘/var/log/letsencrypt/.certbot.lock’

As for the way we implemented letsencrypt the first time it was with the documentation on the bitnami web https://docs.bitnami.com/aws/how-to/get-started-wordpress-aws-marketplace-intermediate/ if i remember correctly, but was some months ago and the one that did it is no longer on the company


#8

Doesn’t your wp-admin offer options to manage the certificate?

If there is such a management system, using certbot direct is the wrong way.


#9

When i try to modify something in it gave me this error.

Could not create directory /opt/bitnami/apps/wordpress/letsencrypt/live . Please check your filesystem permissions.


#10

there is any way to recreate the certificate part without have to recreate the whole server?


#11

How did you created your certificates? It was my speculation that you have used certbot.

Use the same method - but there should be an option to add the non-www-version.