Issued a self-signed cert, then tried to switch to CA issued cert via letsencrypt

My domain is:
https://onlyoffice.thesmiths.page:15443

I ran this command:
certbot --apache

It produced this output:
Forgot to copy, but it returned a positive result

My web server is (include version):
apache2 2.4.29-1

The operating system my web server runs on is (include version):
Ubuntu 18.04 within a LXC container on a Ubuntu 18.10 host

My hosting provider, if applicable, is:
DNS services through google domains

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

Greetings. I am attempting to expose an OnlyOffice DocumentServer docker container to the web. I am using apache2 as my reverse proxy. I have a dynamically assigned public IP address from my IP but use ddclient to update my domain provider - googledomains - dns record so that I can reach my server outside my LAN.

Initially I created a self-signed cert using the directions found here, provided by OnlyOffice. This was successful; however, I plan to integrate the server with a Nextcloud server (running on the same TL domain) and NextCloud does not permit self-signed certs.

As such, I deleted the self-signed certs and used letsencrypt/certbot to obtain a CA cert. This was successful (i.e. no errors) and I updated my OnlyOffice.conf (apache) file to point to the letsencrypt certs.

However, when I navigated to the website it still pulled the self-signed cert. I tried numerous attempts to fix this (restarting the server, restarting apache2, restarting the container) and nothing worked. So I decided to change the subdomain from “oo” to “onlyoffice” and obtained a new cert. I updated the onlyoffice.conf file but now when I navigate to the new subdomain it still pulls the self-signed cert for the old domain (even though that sub no longer exists).

Now I admit I know just enough to get in trouble, so I imagine that's what's going on here. Even so, would anyone care to help? I appreciate it!

NOTE: in the pastebins above, my subdomain is obfuscated from oo.thesmiths.page -> my.domain.page, and onlyoffice.thesmiths.page -> my2.domain.page as this question was posted in reddit and I believe in specious security measures haha

Hi @NetSpasibo79

there are only timeouts visible ( https://check-your-website.server-daten.de/?q=onlyoffice.thesmiths.page%3A15443 ).

| Domainname | Http-Status | redirect | Sec. | G |
| --- | --- | --- | --- | --- |
| http://onlyoffice.thesmiths.page:15443/ 71.65.204.221 | -14 | | 10.027 | T |
| Timeout - The operation has timed out | | | | |
| https://onlyoffice.thesmiths.page:15443/ 71.65.204.221 | -14 | | 10.027 | T |
| Timeout - The operation has timed out | | | | |
| http://onlyoffice.thesmiths.page:15443/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 71.65.204.221 | -14 | | 10.027 | T |
| Timeout - The operation has timed out | | | | |

So it's impossible to check that site.

Without the special port your https sends http over port 443 ( https://check-your-website.server-daten.de/?q=onlyoffice.thesmiths.page ):

| Domainname | Http-Status | redirect | Sec. | G |
| --- | --- | --- | --- | --- |
| http://onlyoffice.thesmiths.page/ 71.65.204.221 | 200 | | 0.266 | H |
| https://onlyoffice.thesmiths.page/ 71.65.204.221 | -4 | | 0.513 | W |
| SendFailure - The underlying connection was closed: An unexpected error occurred on a send. The handshake failed due to an unexpected packet format. | | | | |
| http://onlyoffice.thesmiths.page:443/ 71.65.204.221 | 200 | | 0.273 | Q |

So http over port 443 sends content:

Visible Content: HOLY SHITe Does It work? This is the default welcome page used to test the correct operation of the Apache2 server after installation on Ubuntu systems. It is based on the equivalent page on Debian, from which the Ubuntu Apache packaging is derived. If you can read this page, it means that the Apache HTTP server installed at this site is working properly.

Looks like your standard port has a wrong configuration.

What does this say:

apachectl -S
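
The two checks discussed in this thread (is a port answering in cleartext HTTP instead of TLS, and which certificate does a TLS listener actually present), as an added example that is not part of the original posts. The function names and the sample replies are constructed for illustration; run it as `python3 probe.py <host> <port>`.

```python
import socket
import ssl
import sys

def classify_plain_reply(reply: bytes) -> str:
    """Classify a listener from its reply to a cleartext HTTP request."""
    if not reply:
        return "no-reply"
    if reply[0] in (0x15, 0x16) and reply[1:2] == b"\x03":
        return "tls"  # raw TLS alert or handshake record
    if reply.startswith(b"HTTP/"):
        status = reply.split(b" ", 2)[1:2]
        # Apache and nginx answer cleartext on a TLS port with a 400 that says so
        if status == [b"400"] and b"plain HTTP" in reply:
            return "tls"
        return "plain-http"  # the vhost answering on this port has no TLS enabled
    return "unknown"

def probe_plain(host: str, port: int, timeout: float = 5.0) -> str:
    """Send a cleartext GET and classify whatever comes back."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
        try:
            return classify_plain_reply(s.recv(2048))
        except (socket.timeout, ConnectionResetError):
            return "no-reply"

def served_cert(host: str, port: int, timeout: float = 5.0) -> str:
    """Handshake with SNI and normal verification; summarise the result."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                issuer = dict(rdn[0] for rdn in cert["issuer"])
                return ("trusted, issuer=" + issuer.get("organizationName", "?")
                        + ", notAfter=" + cert["notAfter"])
    except ssl.SSLCertVerificationError as e:
        return "untrusted: " + e.verify_message  # self-signed, wrong hostname, expired
    except ssl.SSLError as e:
        return "handshake failed: " + str(e.reason)  # typical when the port speaks HTTP
    except OSError as e:
        return "connect failed: " + str(e)

# Constructed sample replies (not captured from the poster's server)
SAMPLE_DEFAULT_PAGE = b"HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n<html>Apache2 Ubuntu Default Page</html>"
SAMPLE_TLS_VHOST = (b"HTTP/1.1 400 Bad Request\r\n\r\nYou're speaking plain HTTP "
                    b"to an SSL-enabled server port.")
SAMPLE_TLS_ALERT = b"\x15\x03\x01\x00\x02\x02\x46"

if __name__ == "__main__" and len(sys.argv) == 3:
    host, port = sys.argv[1], int(sys.argv[2])
    print(probe_plain(host, port), "|", served_cert(host, port))
```

A `plain-http` result on port 443 matches the "unexpected packet format" failure reported above, and an `untrusted:` result on a port that does speak TLS means the listener is still presenting a certificate other than the one certbot installed.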
