My domain is: exwebsite.com
I ran this command:certbot-auto --apache
It produced this output:
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/exwebsite.com.conf)
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for exwebsite.com and www.exwebsite.com
Created an SSL vhost at /etc/httpd/sites-available/exwebsite.com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/sites-available/exwebsite.com-le-ssl.conf
Enabling site /etc/httpd/sites-available/exwebsite.com-le-ssl.conf by adding Include to root configuration
Deploying Certificate to VirtualHost /etc/httpd/sites-available/exwebsite.com-le-ssl.conf
Redirecting vhost in /etc/httpd/sites-enabled/exwebsite.com.conf to ssl vhost in /etc/httpd/sites-available/exwebsite.com-le-ssl.conf
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
The new certificate covers the following domains: https://exwebsite.com and
https://www.exwebsite.com
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/exwebsite.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/exwebsite.com/privkey.pem
Your cert will expire on 2021-04-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again with the "certonly" option. To non-interactively renew all
of your certificates, run "certbot-auto renew"
My web server is (include version): Apache/2.4.37
The operating system my web server runs on is (include version): CentOS 8
My hosting provider, if applicable, is: Linode
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.10.1
The non www URL does not work. Browser give error "SEC_ERROR_UNKNOWN_ISSUER"
When I view the certificate in the browser, the Common Name & Subject Alt Name is "xxxx.members.linode.com"
hostnamectl returns "exwebsite.com"
Apache domain vhost config:
<VirtualHost *:80>
ServerName exwebsite.com
ServerAlias www.exwebsite.com
..............
Everything was working for at least a few weeks. Now it seems the certificate being served by Apache changed. I did change the configured host name of the system(/etc/hostname) to match the domain a few weeks ago. But everything was working after the change. I've tried running with flags "certonly" and "-d" to set domain names, but the best I can get now is running only the "--apache" flag. When I do this, www.exwebsite.com URL works, but not exwebsite.com.