Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: observastore.com & casazza.net, plus several others
I ran this command: I have tried several the last attempt (which I did not expect to work) was:
certbot certonly --webroot -d observastore.com -d www.observastore.com -d casazza.net -d www.casazza.net
I then edited the SSL site definition file for https://casazza.net to include:
SSLCertificateFile /etc/letsencrypt/live/observastore.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/observastore.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/observastore.com/chain.pem
It produced this output:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/observastore.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/observastore.com/privkey.pem
Your cert will expire on 2019-09-28. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
“certbot renew”
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=casazza.net
Result: Certificate name mismatch
My web server is (include version): Apache 2.4.6.89
The operating system my web server runs on is (include version): centos 7.6
My hosting provider, if applicable, is: 1&1.com aka ionos.com
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): 0.34.2
So far I have figured out why the --apache and default challenge does not work. I have two choices. 1.) use --webroot 2). move the webroot folder aside and place an empty one with a single index.html while the script runs
My latest attempt seemed wrong, but no matter what I do I get the error “Certificate name mismatch” on casazza.net (I setup observastore.com first). Previously, I did the webroot folder switch and used the --apache command line on casazza.net which completed successfully and also ended up with “Certificate name mismatch”
In the end I have 6 totally different domains sharing a single IP address and I want to set up https for each one of them. What is the secret to accomplish this?