Lets encrypt auto setup not showing domain


#1

Hi there, this is probably a super easy question, and sorry for that is just that I’m a complete beginner :wink:

I used to have a no-ip.org domain running on my webserver, but now I bought a real domain and I have a free dynamic dos redirecting it to my machines public IP, unfortunately, when I run ./letsencrypt-auto --apache it only shows the no-ip.org domain (which is deactivated and I no longer own). How can I make it show my new domain? Do I have ti write it in some file?

Ubuntu Server 14.04 LTS
Apache2

Thank you,
Tiago Ferreira


#2

You can always add the domains to the command line ( -d example.com -d www.example.com ) it should be able to read them from the apache config files though ( assuming they are hosted on that machine )


#3

So add it both times, once with www. and the other without? Should I try solving the config on the apache to the new domain, wouldn’t that help on possible future problems?


#4

Ups, when I tried that I got:

Error while running apache2ctl -k graceful.
httpd not running, trying to start
Action '-k graceful' failed.
The Apache error log may have more information.

AH00557: apache2: apr_sockaddr_info_get() failed for (my servers name).(my domain).com
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message


IMPORTANT NOTES:
 - If you lose your account credentials, you can recover through
   e-mails sent to (my email)@gmail.com.
 - The following 'urn:acme:error:connection' errors were reported by
   the server:

   Domains: (my domain).com, www.(my domaini.com
   Error: The server could not connect to the client to verify the
   domain
 - Your account credentials have been saved in your Let's Encrypt
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Let's
   Encrypt so making regular backups of this folder is ideal.

#5

Sounds like you didn’t change the Apache configuration files after the domain change? Because Let’s Encrypt just reads those config files…


#6

Yeah probably… Any advice on where I need to make changes?

BTW, I tried using the -d for my domain but I got this:

Error while running apache2ctl -k graceful.
httpd not running, trying to start
Action '-k graceful' failed.
The Apache error log may have more information.

AH00557: apache2: apr_sockaddr_info_get() failed for iOrangy-Server.tiferrei.com
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message


IMPORTANT NOTES:
 - If you lose your account credentials, you can recover through
   e-mails sent to tiferrei2000@gmail.com.
 - The following 'urn:acme:error:connection' errors were reported by
   the server:

   Domains: tiferrei.com, www.tiferrei.com
   Error: The server could not connect to the client to verify the
   domain
 - Your account credentials have been saved in your Let's Encrypt
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Let's
   Encrypt so making regular backups of this folder is ideal.
tiferrei@iOrangy-Server:~/letsencrypt$ sudo service apache2 restart
sudo: unable to resolve host iOrangy-Server.tiferrei.com
 * Restarting web server apache2                                                                                                                                                                 AH00557: apache2: apr_sockaddr_info_get() failed for iOrangy-Server.tiferrei.com
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Action 'start' failed.
The Apache error log may have more information.

And apache couldn’t even start… so I googled it and solved the apache restart by resetting the /etc/hosts and /etc/hostname files.

I tried running it again and this time I only got this:

Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: sudo /home/tiferrei/.local/share/letsencrypt/bin/letsencrypt --apache -d tiferrei.com -d www.tiferrei.com
Failed authorization procedure. tiferrei.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge, www.tiferrei.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:
 - The following 'urn:acme:error:connection' errors were reported by
   the server:

   Domains: tiferrei.com, www.tiferrei.com
   Error: The server could not connect to the client to verify the
   domain

Seems like a progress but https://www.tiferrei.com still doesn’t loads, however www.tiferrei.com works perfectly.

Thanks,
Tiago


#7

How could http://www.tiferrei.com work if your Apache isn’t even starting? :confused:

You should look into your Apache configuration. The only thing I see here is CLI outputs, no config files… Ah, you solved that :stuck_out_tongue:


#8

No, it was starting until I ran the Lets encrypt client, then it stood working and so i Reset the host files and restarted the server and it started woking again, down time 5 min if I’m correct.


#9

What should I look for?
/etc/apache2/apache2.conf dosent even contain my old domain written.


#10

I don’t know why the Let’s Encrypt insists on a tls-sni-01 challenge, but you could generate a self-signed certificate and make a HTTPS VirtualHost with tiferrei.com as wel as www.tiferrei.com in the subjectaltnames (choose one as the Common Name). That should get rid of the error.