Error installing certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain are: astronomyeurope.com, www.rodgerking.co.uk, techforeall.com

I ran this command: sudo certbot --apache

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel): mail@rodgerking.co.uk


Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory


(A)gree/©ancel: A


Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let’s Encrypt project and the non-profit
organization that develops Certbot? We’d like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.


(Y)es/(N)o: N

Which names would you like to activate HTTPS for?


1: astronomyeurope.com
2: kingtopajak.co.uk
3: rodgerking.co.uk
4: www.rodgerking.co.uk
5: techforeall.com


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1,3,4,5
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for astronomyeurope.com
http-01 challenge for rodgerking.co.uk
http-01 challenge for techforeall.com
http-01 challenge for www.rodgerking.co.uk
Waiting for verification…
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/wordpress-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wordpress-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/wordpress-le-ssl.conf
Could not reverse map the HTTPS VirtualHost to the original

IMPORTANT NOTES:

  • Unable to install the certificate
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/astronomyeurope.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/astronomyeurope.com/privkey.pem
    Your cert will expire on 2020-11-02. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): (Ubuntu 18.04)

My hosting provider, if applicable, is: I host these sites myself

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

I am looking to create multiple certificates. When I checked the result of this command, only the first domain’s certificate files have been created and saved but the file “wordpress-le-ssl.conf” had not been created.

Hi @ryking

if you want to create one certificate with 4 domain names and if you want that Certbot installs that certificate, you should have one port 80 vHost with the same list of domain names.

If there is no such vHost, the result is expected.

Use

apachectl -S

to check your vHosts.

1 Like

Hi

I was actually wanting certificates for each of my distinct domains.

I have run the command:

apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server techforeall.com (/etc/apache2/sites-enabled/techforall.conf:3)
port 80 namevhost techforeall.com (/etc/apache2/sites-enabled/techforall.conf:3)
wild alias *.techforeall.com
port 80 namevhost kingtopajak.co.uk (/etc/apache2/sites-enabled/wedding.conf:3)
wild alias *.kingtopajak.co.uk
port 80 namevhost localhost (/etc/apache2/sites-enabled/wordpress.conf:3)
port 80 namevhost rodgerking.co.uk (/etc/apache2/sites-enabled/wordpress.conf:19)
wild alias *.rodgerking.co.uk
port 80 namevhost astronomyeurope.com (/etc/apache2/sites-enabled/wordpress.conf:39)
wild alias *.astronomyeurope.com
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“ryking” id=1000 not_used
Group: name=“ryking” id=1000 not_used

Then create these instead of creating one certificate with all domain names.

One command per domain.

But I don’t know if Certbot handles the wild alias * definitions correct.

1 Like

Hi

My initial thought was a single run of the command would create multiple certs as it recognised I had multiple virtualhosts but I have now tried the command again only listing 1 virtualhost at a time and it works - thanks.

Rodger

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.