[German] Zertifikat Wiederrufen

Guten Tag,

ich habe mir vor langer zeit mal einen VServer und eine Domain gemietet, dann habe ich ein Zertifikat erstellt, dieses scheint immernoch zu existieren, ich habe mir einen neuen VServer gemietet und wollte es wieder nutzen, was dann nicht ging. Kann mir da jemand helfen?

Hi @Floexe

Letsencrypt certificates are only 90 days valid. So that old certificate is expired.

--> Ignore it. You can't revoke an expired certificate. And it's not required to revoke certificates if the private key isn't stolen.

Select a client

then create a new certificate.

PS: Ich könnte auch auf deutsch antworten. Aber englisch verstehen hier sehr viel mehr Leute.

@JuergenAuer
ich habe das alte Zertifikat vor 60 Tagen erstellt

Egal. Erstelle ein neues. Das alte blockiert nicht.

@JuergenAuer
Es kommt dann das das Zertfikat bereits existiert, und demnach wird auch keins erstellt

Then a lot of answers are required:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

@JuergenAuer
Soll ich das einfach hier rein schicken?
Werde das dann morgen machen, bin gerade nicht PC

Dafür sollten wir wissen, welche Software Sie verwenden. Diese Fehlermeldung kommt von Ihrer Software, sie ist keine Fehlermeldung von der Zertifizierungsstelle. Deshalb wollte @JuergenAuer, dass Sie das Formular ausfüllen.

Hi @schoen

he will do it tomorrow.

Hier ist der Text auf Englisch

My domain is: Floexe.de, mail.Floexe.de

I ran this command: certbot --apache

It produced this output: Obtaining a new certificate
Performing the following challenges:
http-01 challenge for floexe.de
http-01 challenge for mail.floexe.de
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. floexe.de (http-01): urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for floexe.de - the domain's nameservers may be malfunctioning, mail.floexe.de (http-01): urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up CAA for floexe.de - the domain's nameservers may be malfunctioning

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: floexe.de
    Type: None
    Detail: DNS problem: SERVFAIL looking up A for floexe.de - the
    domain's nameservers may be malfunctioning

    Domain: mail.floexe.de
    Type: None
    Detail: DNS problem: SERVFAIL looking up CAA for floexe.de - the
    domain's nameservers may be malfunctioning

My web server is (include version): Apache2.4.25

The operating system my web server runs on is (include version): Debian 9

My hosting provider, if applicable, is: Living Bots(RootServer)

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

Checking your domain your name server is buggy - https://check-your-website.server-daten.de/?q=floexe.de

Host T IP-Address is auth. ∑ Queries ∑ Timeout
floexe.de Server failure yes 2 0
www.floexe.de A 45.88.110.112 Bremen/Germany (DE) - First Colo GmbH Hostname: rdns.ip.living-bots.net yes 1 0
AAAA yes

www works, non-www has a Server failure.

X Fatal error: Nameserver doesn't support TCP connection: ns1.dnslinq.de / 45.88.111.111: ServerFailure
X Fatal error: Nameserver doesn't support TCP connection: ns1.dnslinq.de / 2a0c:75c0:0:53::1: ServerFailure
X Fatal error: Nameserver doesn't support TCP connection: ns2.dnslinq.de / 91.218.66.66: ServerFailure
X Fatal error: Nameserver doesn't support TCP connection: ns2.dnslinq.de / 2a0c:75c0:0:53::2: ServerFailure

Authoritative Name servers must support TCP.

Same with CAA and TXT:

mail.floexe.de checks the CAA entry of floexe.de -> that doesn't work.

ns1.dnslinq.de is your name server. They must fix it.

Or change to another DNS provider.

PS: It's not a problem of your existing certificate.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.