Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Well, currently thereâs no way for you to get a certificate through non-DNS challenge types, because there is no IP address associated with almurjanholding.com nor www.almurjanholding.com. This would be required for the http-01 challenge. It is also required if you want people to surf to your website in the first place, so thereâs something really wrong here!
Also, if you use CloudFlare, itâs not 100 % necessary to have a publically trusted certificate on your own server (the âoriginâ server in CloudFlare terms). See https://www.cloudflare.com/ssl/ for more information, especially the âOrigin CAâ part.
Hello everybody.
I have the same question/issue (How to renew certificate after expiry)
OS: Ubuntu 18.10
HTTP: Apache/2.4.34 (Ubuntu)
Domain: 8881000.com
I was late to renew my certificate by 8 hours.
I ran this command:
sudo certbot --apache
certbot showed:
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/cnc.8881000.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/cnc.8881000.com/privkey.pem
Your cert will expire on 2020-05-30. To obtain a new or tweaked . . .
You have a new certificate but your Apache server isnât using it. Perhaps you should run sudo service apache2 reload, and also make sure that you didnât copy the original certificate elsewhere and then configure Apache to use the copy rather than the original location (since the Certbot renewal will place the new certificate at the same path where the old certificate was located).
In the output from sudo certbot certificates, you can see that you have two different certificates:
One certificate in /etc/letsencrypt/live/8881000.com, which is expired (you apparently havenât asked to renew it, or the renewal failed for another reason).
One certificate in /etc/letsencrypt/live/cnc.8881000.com, which was successfully renewed and is valid.
These certificates cover different sets of names.
But when we try to connect to https://cnc.8881000.com/, we see that the server shows us the other (expired) certificate, even though that certificate doesnât cover the cnc subdomain at all. Could you look in your Apache configuration and see why Apache thinks it should use that certificate for the cnc subdomain? It seems like your HTTPS configuration might be the same across all of your subdomainsâalways pointing at the same certificateâeven though you have two different certificates managed by Certbot, which therefore need different Apache configuration settings to reference each one.