This server could not be identified as www.sanyoalarm.com. The issuer of the security certificate is www.sanyo-push.com. There may be a configuration error or the connection may have been intercepted by an attacker.
After changing the domain name of the server, the domain name is inevitably in the past (www.sanyo-push.com) and I get NET::ERR_CERT_COMMON_NAME_INVALID.
How can I change the issuer to (www.sanyoalarm.com)?
Just a technical point ... that name is a domain name in the cert it is not the "issuer".
All I can say with the info you provided is that your Apache server is not configured properly to use the cert you got for that domain name. Instead, it is using an expired cert for www.sanyo-push.com. Which is also odd because there are more recent certs that have that domain name too.
If you want further advice please complete as much as you can from the form you should have been shown when posting in the Help section
===============================
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
5 Likes
Thank you for your Kind.bellow is my environment.
I ran this command:#certbot certonly --standalone -d www.sanyoalarm.com
#systemctl start apache2
It produced this output:#certbot cetificates -> OK,www.sanyoalarm.com Ceiticates format OK.
My web server is (include version):Pache WEB Server( AWS EC2)
The operating system my web server runs on is (include version):Ubuntu 22.04.4
My hosting provider, if applicable, is:AWS EC2
I can login to a root shell on my machine (yes or no, or I don't know):Yes root.
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):I useing EC2 panel
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):cetbot 2.11.0
Please HELP..
you will need to update to apache config to use new certificate: as you used standalone certbot won't do that for you
5 Likes
Yes, as we mentioned you need to configure your Apache system to use the cert you just got.
You can view your certs with this command
sudo certbot certificates
You can review your Apache config with this
sudo apache2ctl -t -D DUMP_VHOSTS
If you show us the output of those two commands we maybe can help more.
5 Likes
下記のように、certbotで証明書も作れず、。
sudo apache2ctl -t -D DUMP_VHOSTSも上手く行きません。
ログはこんな感じです。
root@ip-172-31-13-191:/home/ubuntu# tail -f /var/log/letsencrypt/letsencrypt.log
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-07-29 17:03:40,575:ERROR:certbot._internal.log:Some challenges have failed.
2024-07-29 17:05:00,247:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2024-07-29 17:05:00,488:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-07-29 17:05:00,488:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3834/bin/certbot
2024-07-29 17:05:00,488:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2024-07-29 17:05:00,488:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-07-29 17:05:00,497:DEBUG:certbot._internal.log:Root logging level set at 30
2024-07-29 17:05:00,524:DEBUG:certbot._internal.display.obj:Notifying user: No certificates found.
``
①sudo certbot certificates
root@ip-172-31-13-191:/home/ubuntu# sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
No certificates found.
root@ip-172-31-13-191:/home/ubuntu#
②root@ip-172-31-13-191:/home/ubuntu# certbot certonly --standalone -d www.sanyoalert.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for www.sanyoalert.com
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: www.sanyoalert.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for www.sanyoalert.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for www.sanyoalert.com - check that a DNS record exists for this domain
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
③root@ip-172-31-13-191:/home/ubuntu# sudo apache2ctl -t -D DUMP_VHOSTS
AH00526: Syntax error on line 234 of /etc/apache2/apache2.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/www.sanyoalert.com/fullchain.pem' does not exist or is empty
Action '-t -D DUMP_VHOSTS' failed.
The Apache error log may have more information.
root@ip-172-31-13-191:/home/ubuntu#
I see three different domain names:
4 Likes
I can see you got certs for www.sanyoalarm.com (above) but not www.sanyoalert.com (below)
Where did your certificates go? You have gotten 5 certs for sanyoalarm in the past day.
5 Likes
As follows: www.sanyoalarm.com is 5limit,then and change to www.sanypalert.com.
I get an error when I run www.sanyoalert.comの証明書を作ろうとして, with certbot. Of course, apach2 is not running. I looked for the old sanyoalarm, but it seems to be ok.
I'm curious about this.
(1) www.sanyo-push.comが期限切れになった.
(2) At that time, I had stopped EC2 for a long time.
(3) When I started running EC2, it had expired, so I changed it to sanyoalarm,sanyoalert and tried one after another (due to the 5-times limit), but the issuer is www.sanyo-push.com (the original domain before the expiration), and it doesn't seem to be the correct certificate.
I leave the ubuntu command log below.
Please help!
'
Please send me [www.sanyoalert.com] 's Certificate.
my mail is 'h-sumada@sanyoseiko.co.jp'
Getting the certificate yourself from https://crt.sh is easy. If you don't have the private key for that certificate, there's no point. Unless you have the private key on your server, you'll need a new certificate (with a new private key).
6 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.