Let's Encrypt Certificates for multiple domains and sub-domains on same server


#1

Please fill out the fields below so we can help you better.

My domain is:salatinvestments.com

I ran this command: ./certbot-auto --apache -d mfaccount.in certonly

It produced this output: /root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/init.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for mfaccount.in

We were unable to find a vhost with a ServerName or Address of mfaccount.in.
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)

1: le-redirect-salatinvestments.c | salatinvestments.com | | Enabled
2: ssl.conf | | HTTPS | Enabled

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. mfaccount.in (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 162f97eab9a3978fa97f1e070e5b12a7.d0a08a69ae13d62b8b177541a8274ee1.acme.invalid from 198.24.154.196:443. Received 1 certificate(s), first certificate had names “*.salatinvestments.com”

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: mfaccount.in
    Type: unauthorized
    Detail: Incorrect validation certificate for TLS-SNI-01 challenge.
    Requested
    162f97eab9a3978fa97f1e070e5b12a7.d0a08a69ae13d62b8b177541a8274ee1.acme.invalid
    from 198.24.154.196:443. Received 1 certificate(s), first
    certificate had names “*.salatinvestments.com”

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address.

My operating system is (include version): CentOS release 6.2

My web server is (include version): Apache/2.2.15 (Unix)

My hosting provider, if applicable, is:ewebguru

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

This looks as if your apache config isn’t understood fully by certbot (it couldn’t find mfaccount.in in your apache config )

You may be better using the “webroot” option which will get round this issue.


#3

Hi @serverco , im having confusion in this multiple domains with same webserver and same ip.

Previously i have configured ssl through certbot-auto. for the first time it showed my sub domain and everything went well. But we have Tomcat. so i converted those keys PKCS12. and then enabled ssl in tomcat pointing key file and credential.
And now we have created one more sub-domain on the same ip. but this time certbot-auto was not detecting the 2nd sub-domain. can you please help me out on this. Thanks.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.