Got certificates for sub domains, but not top domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:sudo certbot --apache

It produced this output:Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from “\n\n\n<meta charset=“UTF-8”>\n<meta name=“viewport” content=“width=device-width, initial-scale=1”>\n<link”


My web server is (include version):Apache2

The operating system my web server runs on is (include version):Ubuntu 18.04.1 LTS

My hosting provider, if applicable, is:Me

I can login to a root shell on my machine (yes or no, or I don’t know):Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

Additional notes: I was able to obtain valid certificates for my sub-domains, which are and using this utility. They exist on a virtual server that is also serving, so I am at a loss.

Check that you don't have multiple virtual hosts with for a ServerName or ServerAlias:

apachectl -t -D DUMP_VHOSTS

Both show: “Assessment failed: No secure protocols supported”

Well, that’s interesting; it shows a problem with, but that certificate is fine; here’s the output:

AH00526: Syntax error on line 54 of /etc/apache2/sites-enabled/
SSLCertificateFile: file ‘/etc/letsencrypt/live/’ does not exist or is empty
Action ‘-t -D DUMP_VHOSTS’ failed.
The Apache error log may have more information.

Did you run it as root?

No, I’m kinda dumb that way. Thanks for the advice, I did that, and found an original wordpress.conf file that was created before I went with virtual servers, and that was messing things up. Got my certificate now, thank you so much for the help!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.