Multiple Domains In Relation to SSL certificate/ Verify SSL Certificate Status

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
excynic.net, excynic.com

I ran this command:
certbot certonly --webroot -w /var/www/html -d excynic.com -d www.excynic.com

It produced this output:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: excynic.com
Type: unauthorized
Detail: 138.197.66.45: Invalid response from http://excynic.com/.well-known/acme-challenge/cQ_iIfwy1b0LeBOs0jwTzs2keYghCtoY45tuiglZgi8: 404

Domain: www.excynic.com
Type: unauthorized
Detail: 138.197.66.45: Invalid response from http://www.excynic.com/.well-known/acme-challenge/SBY-6ibznNFE5EZCL6C362a80nyLNl0zP8L2yUfLdM4: 404

My web server is (include version):
OpenLiteSpeed WordPress 6.2.2

The operating system my web server runs on is (include version):
Ubuntu2204

My hosting provider, if applicable, is:
Digital Ocean

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Digital Ocean

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.21.0

Details:
I see this is a common preface here, but please excuse me for being out of my depth. I originally set up an SSL certificate (and website) for the domain excynic.com. I planned to recreate the site on excynic.net and have successfully configured DNS and requested an SSL certificate. www.excynic.net/excynic.net function as intended. Now I used the command provided to add excynic.com to the virtual machine, after adding it to the listeners in openlitespeed's application. The most unfortunate fact is I have deleted the original Digital Ocean droplet that excynic.com was in. I have been unable to find out how one would cancel a certificate and/or verify that my issue is related to the requested certificate belonging to another virtual machine. Any input is greatly appreciated even if it's semi-unrelated and points me in the right direction. The ultimate goal would be to have both www.excynic.net and www.excynic.com redirected to be the same website and display the domain www.excynic.com.

Thank you,
Evan

1 Like

What does that mean?
If you have a "control panel", then can't it get the cert(s) for you?

If you need to get it "yourself", then let's review the changes made:

I'm not a LiteSpeed expert but it should be straight-forward enough to look at.

Then, I think you've come to the right place - LOL

2 Likes

My understanding is that Digital Ocean expects one to use the built-in console to request certification.

I really hope so and I apologize if anyone ends up answering something beyond the scope of this forum for me.

What shows?:
sudo apachectl -t -D DUMP_VHOSTS

2 Likes

sudo: apachectl: command not found
root@openlitespeedwordpress622onubuntu2204-s-1vcpu-2gb-nyc3-01:~#

Sorry, that was a shot in the dark :black_circle:

2 Likes

Fair enough. Is excynic.com unable to get a certification with my new virtual machine because I didn't go through some sort of cancellation process before I deleted it?

No; that shouldn't matter.
The limit is that you can obtain up to five identical certs [within one week].

2 Likes

Maybe try getting them individually.
[each domain name separately]

2 Likes

I'm not sure I understand fully.
excynic.com was previously working on virtual machine A.
I created virtual machine B to remake the website.
I got the certification for excynic.net on virtual machine B figured out.
I deleted virtual machine A.
I want to use the domain: excynic.com on virtual machine B, but I am getting this error. My main issue is trying to discern if it has anything to do with the certification being locked up on the deleted virtual machine A. Please tell me I'm completely misunderstanding how this works.

Machine A has nothing to do with machine B.
:100:

Machine B is allowed to obtain any certs in any way it can.
Make sure all the DNS IPs are pointing to machine B.
etc.

3 Likes

Do you always include the IP when you get a cert?

2 Likes

If I understand the question, then no. The only way I've added a cert successfully has been through the start up prompts in the VM's console. The process for adding the 2nd one is one I found online and have not been successful doing so before.

Can you help me make sense of this? Is this what you meant by a maximum of 5?

It's strange that one name works and the other doesn't.
It should just be an alias [alt name] for the same site.

2 Likes

Limited to five in the same week.
I only see two on the same day there [twice] - well below any limit.

2 Likes

You need someone who really understands how it works:

3 Likes

The DNS settings here are mirrored for excynic.net
Do I need to point excynic.com at excynic.net as well as the VM itself?

Thank you so much for all your help regardless. Hopefully that someone does come along, and I haven't scared them off with all this information. I'll continue the search for answers on my own and update the thread if I find a solution. Thank you again.

1 Like

No.
Your DNS looks fine to me.
Technically, they can be two separate sites.
You can:

  • merge all the names onto one site
  • have two sites
    where one site merely redirects to the other

As long as all the names resolve to that same IP, that system should be able to handle them all.
As it does for the rest of its customers.

3 Likes

Thanks so much. I believe it should become a secure site after it propagates(?). The issue was I added the listeners to the wrong port. Your explanation of things has 100% brought me to this conclusion. I really appreciate your help.

1 Like
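
The symptom in this thread (a 404 on the `/.well-known/acme-challenge/` URL for one name while another name on the same machine works) can be checked locally before asking the CA to validate again. The following is an added example, not code from any poster or from Certbot: `probe_webroot`, its `connect_to` parameter (which overrides the TCP target while the Host header still carries the name), and the hostnames `mapped.example` / `unmapped.example` with their local test server are constructed for illustration.

```python
import http.client
import secrets
import tempfile
import threading
from functools import partial
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer
from pathlib import Path

def probe_webroot(webroot, hostnames, connect_to=None, port=80, timeout=5):
    """Fetch a throwaway file from the challenge dir once per Host; {name: (status, ok)}."""
    chal_dir = Path(webroot, ".well-known", "acme-challenge")
    chal_dir.mkdir(parents=True, exist_ok=True)
    token, body = "probe-" + secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    probe = chal_dir / token
    probe.write_text(body)
    results = {}
    try:
        for name in hostnames:
            conn = http.client.HTTPConnection(connect_to or name, port, timeout=timeout)
            try:
                conn.request("GET", f"/.well-known/acme-challenge/{token}", headers={"Host": name})
                resp = conn.getresponse()
                results[name] = (resp.status, resp.read().decode(errors="replace") == body)
            except (OSError, http.client.HTTPException):
                results[name] = (None, False)  # nothing usable answered on that port
            finally:
                conn.close()
    finally:
        probe.unlink()  # do not leave probe files in the webroot
    return results

def demo():
    """Constructed stand-in server: only 'mapped.example' is wired to the webroot."""
    with tempfile.TemporaryDirectory() as webroot:
        class VHost(SimpleHTTPRequestHandler):
            def do_GET(self):
                mapped = self.headers.get("Host") == "mapped.example"
                return super().do_GET() if mapped else self.send_error(404)
            def log_message(self, *args):
                pass  # keep the demo quiet
        with ThreadingHTTPServer(("127.0.0.1", 0), partial(VHost, directory=webroot)) as srv:
            threading.Thread(target=srv.serve_forever, daemon=True).start()
            try:
                return probe_webroot(webroot, ["mapped.example", "unmapped.example"],
                                     connect_to="127.0.0.1", port=srv.server_port)
            finally:
                srv.shutdown()
if __name__ == "__main__":
    print(demo())
```

On the machine from the thread the call would be `probe_webroot("/var/www/html", ["excynic.com", "www.excynic.com"])`, run by a user who can write to the webroot. A `(404, False)` result for a name means the server answering on port 80 for that name is not serving files from that directory, which is what the CA reported.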