My domain is: derwäscheladen.at --> (xn--derwscheladen-efb.at)
I ran this command: certbot renew
It produced this output:
My web server is (include version): Apache/2.4.57 (Debian)
The operating system my web server runs on is (include version): Linux Debian 12
My hosting provider, if applicable, is: me
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): certbot 2.1.0
Your webserver, when requesting
http://xn--derwscheladen-efb.at/ redirects to
While the HTTP to HTTPS redirect usually isn't an issue, the punycode to IDN translation is, as IDN is not directly supported in DNS, but needs to be translated to punycode.
Also note that your certificate doesn't include the "apex" domain name, but only the
www subdomain. You might want to include both.
Thank you, could you please help me how to do this? I'm relatively new to the web hosting topic.
Above is the punycode value for your www domain. Just use that value in your Apache Rewrite, Redirect, or .htaccess instead of
Thank you, unfortunately, the error still persists. Is this fine now, or:
You missed a dash (
-). It should be two instead of one.
It should also include the slash (
/) at the end.
Oh, my fault, sorry.
The error message is shorter now, but still present:
There's no such thing as THE error message; this one is a different one.
It seems you have two certificates sort of "known" to Certbot: one which just renewed just fine and one that's broken.
Please show the output of
Yes, that's true, sorry.
Okay, that's interesting.
Well that would be a problem.
But why do I have 2 certificates, and do I really need both of them?
Based on the output of
certbot certificates, you only have one [working] certificate.
But we can't even see the second one.
From what can be seen, the first includes
-0001 which is usually a sign of things not going to plan.
Creating the certificate was done by someone else, and I just watched. But from what I know, there was initially a problem, and we had to try it again. I believe it had something to do with the "Punycode" or the "ä". Is it possible that these are the two certificates, and the non-functional one is the one that couldn't be created?
If a cert was created, then it can be used.
If a cert can't be used, then it wasn't created.
Okay, thank you. How should I proceed now? Does the website remain certified due to the functioning certificate, and should I just leave the non-functioning certificate as is, or what should I do?
Please explain and detail:
Your cert for that domain was renewed but your Apache is not yet using it. You probably need to reload Apache. This should work:
You should use cron to reload Apache daily or we can adjust your certbot renewal to do it every time the cert is renewed. Let us know what you prefer.
As for your "broken" renewal file that you say is empty you could just delete that renewal conf file. You can't use the normal certbot
delete command because it is broken so just delete it manually.
I meant that where the config file is empty.
I have done it.
I think I'll do it every time certbot renew. Would this command fit:
certbot renew --quiet && apache2ctl graceful