Issue with renewing certificate


#1

Hello Let’s Encrypt community,

I have following issue with my certificate. I want to renew the expiring certificate, but i get an authorized failure.

1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: www.cloud.companyname.de
    Type: unauthorized
    Detail: Incorrect validation certificate for tls-sni-01 challenge.
    Requested
    a8c63a9f369517e86bf88ab1ea36362a.a5c3668f10e0f04be17da90aa0dd3ff6.acme.invalid
    from ipaddress:443. Received 2 certificate(s), first
    certificate had names “cloud.companyname.de, www.cloud.companyname.de”

    Domain: cloud.companyname.de
    Type: unauthorized
    Detail: Incorrect validation certificate for tls-sni-01 challenge.
    Requested
    51825fce4bc81a79399e9daf4bd60843.76da8bb98019bd71767b4281ccbf3a22.acme.invalid
    from ipaddress:443. Received 2 certificate(s), first
    certificate had names “cloud.companyname.de, www.cloud.companyname.de”

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

I didn’t change anything in the config file after creating the first certificate. But where is the problem. Thanks in advance!

Regards,
Maxi


#2

Hi @Maxi

your domain is www.cloud.meyer.de . But I can’t find an older certificate.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:true;include_subdomains:true;domain:cloud.meyer.de&lu=cert_search

tls-sni-01 is deprecated and can’t used with new domain names.

So switch to http-01 - or dns-01 - validation.

So


#3

Hello @JuergenAuer

How can I switch to http-01 - or dns-01 - validation on Linux?

Regards,
Maxi


#4

You could run certbot --renew --preferred-challenge http (however that would effective override all renewals on your server, so proceed with caution)

Thank you


#5

Thank you, it worked!

Regards,
Maxi


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.