Issue with renewing certificate

Maxi · August 10, 2018, 12:00pm

Hello Let's Encrypt community,

I have following issue with my certificate. I want to renew the expiring certificate, but i get an authorized failure.

1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: www.cloud.companyname.de
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
a8c63a9f369517e86bf88ab1ea36362a.a5c3668f10e0f04be17da90aa0dd3ff6.acme.invalid
from ipaddress:443. Received 2 certificate(s), first
certificate had names "cloud.companyname.de, www.cloud.companyname.de"

Domain: cloud.companyname.de
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
51825fce4bc81a79399e9daf4bd60843.76da8bb98019bd71767b4281ccbf3a22.acme.invalid
from ipaddress:443. Received 2 certificate(s), first
certificate had names "cloud.companyname.de, www.cloud.companyname.de"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

I didn't change anything in the config file after creating the first certificate. But where is the problem. Thanks in advance!

Regards,
Maxi

JuergenAuer · August 10, 2018, 12:22pm

Hi @Maxi

your domain is www.cloud.meyer.de . But I can't find an older certificate.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:true;include_subdomains:true;domain:cloud.meyer.de&lu=cert_search

tls-sni-01 is deprecated and can't used with new domain names.

So switch to http-01 - or dns-01 - validation.

So

Maxi · August 10, 2018, 3:30pm

Hello @JuergenAuer

How can I switch to http-01 - or dns-01 - validation on Linux?

Regards,
Maxi

stevenzhu · August 10, 2018, 3:35pm

You could run certbot --renew --preferred-challenge http (however that would effective override all renewals on your server, so proceed with caution)

Thank you

Maxi · August 10, 2018, 5:37pm

Thank you, it worked!

Regards,
Maxi

system · September 9, 2018, 5:37pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
HomeAssistant & Cert Renew Issues Help	13	4407	September 23, 2017
Renew error: Incorrect validation certificate for tls-sni-01 challenge. Received 2 certificate(s), first certificate had names "biszumbitterenen.de" Help	5	2936	April 9, 2018
Issue to renew? Help	23	7029	December 13, 2018
Cannot Renew Some Certificates Help	11	2645	February 10, 2017
Renew certs results in Incorrect validation certificate Help	10	2373	July 19, 2017

Issue with renewing certificate

Related topics