I am getting an error 426 from Cloudflare saying that the certificate is not valid. Turning off Cloudflare shows me the error SSL_ERROR_BAD_CERT_DOMAIN. Any idea how to solve this? Pretty sure it is a Let's Encrypt thing. The same settings for other domains on the same server work perfectly. I tried renewing, but it did not work because the cert is not due for renewal, so I tried to force renew. No idea how to proceed. The domain is not working because of invalid SSL. What should I do!? The same thing happened for 2 other domains on the same server. For some it works, for some it does not. What the... !??!?!?
My domain is: srtrak.click
I ran this command: `sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials /path/to/api/cloudflare.ini --domain srtrak.click,*.srtrak.click --force-renew`
It produced this output:
```
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-cloudflare, Installer None
Renewing an existing certificate
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/srtrak.click/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/srtrak.click/privkey.pem
Your cert will expire on 2024-07-15. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
```
My web server is (include version): nginx version: nginx/1.25.4
The operating system my web server runs on is (include version): Ubuntu Linux 20.04.6 Linux 5.4.0-173-generic on x86_64
My hosting provider, if applicable, is: my own bare metal servers
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot): certbot 0.40.0
In case you wonder about the wildcard... I do need the wildcard cert, because of how the system is using this domain for it to function. It generates random subdomains on different links.
What the problem looks like: certbot is issuing a certificate for another domain. Why!?