Multiple Domain Names

#1

i have 4 domain names pointing to OwnCloud, prior to today i could simple run certbot renew (they were set to renew automatically anyway) and it would be fine.

I’ve logged into our server due to users getting certificate warnings, on investigation it looks like it didn’t renew them. After researching it looks like the certbot was well out of date and wanted to use a new auth challenge.

First step was to get Debian (Jessie) fully updating (i had to change the repo to archive), once that was all up to date i used certbot-auto to update the certbot.

Now when i run certbot and it asks me to which domains i would like to renew the following happens;

  1. if i select 1 domain, it renews the cert fine, but fails to force HTTPS. From a web browser it’s fine and there are no warnings. Other domains give me a mismatch security warning.
  2. if i select all domains, they all update, none of them work as i get the mismatch warning.

I’m not sure what else to look at?

#2

I’ve removed existing certs and wanted to start from scratch. I want to add certs for 4 domains so i use the following command;

certbot --apache -d files.domain1.com -d files.domain2.com -d files.domain3.com -d files.domain4.com

I then get the following;

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

I’m guessing this is remembering the existing config using the old auth style?

Using certbot --apache --preferred-challenges http

Results in "None of the preferred challenges are supported by the selected plugin
"

#3

certbot-auto installs an up-to-date version but you have to run it as certbot-auto - the certbot command still runs the old version.

See also Certbot’s instructions for Apache on Debian Jessie which recommend removing certbot before installing certbot-auto.

1 Like
closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.