MIgrate ssl certbot


#1

Greetings. Attempt to migrate my server ssl and ip sertifications for a scheduled server change. Backup / etc / letsencrypt / into a .tar and install it on the new server !! But when activating or trying to activate the new certificate or the renewal of the same gives me the following error that I recommend to do.

Failed authorization procedure. (Tls-sni-01): urn: acme: error: unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested fea8bb71ed31fef6db4c2d57f1f76d7f.83a1e7f608ff84295a77b1b7ed38ad27.acme.invalid from 52.39.223.158:443. Received 2 certificate (s), first certificate had names “capacitacion.digital”

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: training.digital
    Type: unauthorized
    Detail: Incorrect validation certificate for tls-sni-01 challenge.
    Requested
    Fea8bb71ed31fef6db4c2d57f1f76d7f.83a1e7f608ff84295a77b1b7ed38ad27.acme.invalid
    From 52.39.223.158:443. Received 2 certificate (s), first
    Certificate had names “capacitacion.digital”

    To fix these errors, please make sure your domain name was
    Entered correctly and the DNS A record (s) for that domain
    Contain (s) the right IP address.
    Root @ ip-172-31-10-80: / etc / letsencrypt # certbot renew
    Saving debug log to /var/log/letsencrypt/letsencrypt.log

No renewals were attempted.


#2

Hi @schmann,

Is capacitacion.digital your domain name?

Had you already switched over the DNS so that this domain name points to the new server? One reason for this error message could be if the DNS records were still pointed at the old server, but you were trying to obtain a certificate on the new server.

Also, if you’re just going to get a new certificate, there isn’t really any reason to back up /etc/letsencrypt; you can do just fine allowing Certbot to create a new one on the new server.


closed #3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.