I added domains to my certificate but it won't serve the added domains

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:lansdalelibrary.org, www.lansdalelibrary.org

I ran this command:sudo certbot --apache -d www.lansdalelibrary.org,lansdalelibrary.org

It produced this output:it said it was successful

My web server is (include version):apache unsure of version

The operating system my web server runs on is (include version):ubuntu 18.04 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.11.0

2 Likes

So what's the problem? Your site is serving the site that was issued a little over an hour ago, covering both lansdalelibrary.org and www.lansdalelibrary.org.

1 Like

Hi @lantech19446

I don't see a big problem (a small is visible) - see https://check-your-website.server-daten.de/?q=lansdalelibrary.org

You have created three certificates

Issuer not before not after Domain names LE-Duplicate next LE
R3 2021-01-21 2021-04-21 lansdalelibrary.org - 1 entries duplicate nr. 2
R3 2021-01-21 2021-04-21 lansdalelibrary.org, www.lansdalelibrary.org - 2 entries duplicate nr. 1
R3 2021-01-21 2021-04-21 lansdalelibrary.org - 1 entries duplicate nr. 1

Don't create a new certificate, that with two domain names is good.

And you use that certificate:

CN=www.lansdalelibrary.org
	21.01.2021
	21.04.2021
expires in 90 days	lansdalelibrary.org, www.lansdalelibrary.org - 2 entries

See the #url-check - part:

Domainname Http-Status redirect Sec. G
http://lansdalelibrary.org/ 75.150.154.169 301 https://lansdalelibrary.org/ Html is minified: 100,00 % 0.236 A
http://www.lansdalelibrary.org/ 75.150.154.169 GZip used - 5036 / 14730 - 65,81 % 200 Html is minified: 144,41 % 0.234 H
https://lansdalelibrary.org/ 75.150.154.169 GZip used - 5036 / 14730 - 65,81 % Inline-JavaScript (∑/total): 7/1466 Inline-CSS (∑/total): 0/0 200 Html is minified: 144,41 % 3.656 I
https://www.lansdalelibrary.org/ 75.150.154.169 GZip used - 5036 / 14730 - 65,81 % Inline-JavaScript (∑/total): 7/1466 Inline-CSS (∑/total): 0/0 200 Html is minified: 144,41 % 3.440 I

No Certificate warning, both domain names have the correct certificate.

Minor problem: Your http + www isn't redirected to https.

And one image has a http link:

http://lansdalelibrary.org/coalition/cfreasj5.png

that's mixed content you should change.

2 Likes

It says it's covering them but I still get the unsecure connection notice when I go to www.lansdalelibrary.org. lansdalelibrary.org is working correctly

1 Like

I'm not sure I understand how to make http+www redirect I thought that would happen automatically since I told certbot to set it up for me. I'm not the developer of the page and honestly I know very little about coding I'm just the sys admin who gets to do this part. I will let my director know to fix that link though

1 Like

That's just because it's a http connection that isn't redirecting to https. If you go to https://www.lansdalelibrary.org you'll see it's working fine.

2 Likes

May be Certbot doesn't understand your configuration.

What says

apachectl -S

There you have the port 80 vHost definitions.

If you have two (one non-www, one www),compare both to find the redirect.

So your system has already all informations to add that.

2 Likes

When I run that command I get an error

apachectl -S
AH00526: Syntax error on line 35 of /etc/apache2/sites-enabled/000-
default-le-ssl.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/lansdalelibrary.org
/fullchain.pem' does not exist or is empty
Action '-S' failed.
The Apache error log may have more information

2 Likes

Use this instead:

sudo apachectl -S

2 Likes

Hey thanks for the help I managed to find the ghost and add the redirect so www is working now

2 Likes

The topic says you added domains and they aren't being served.
But you are not clear about exactly which domains.
So, which are not being served?

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.