My TLS-SNI-01 Help request! Details provided


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://blog.ohanacruises.com/

I ran this command: certbot certonly --debug -d blog.ohanacruises.com -d travel.ohanacruises.com

It produced this output:

My web server is (include version): Apache/2.4.34 (Amazon)

The operating system my web server runs on is (include version): Amazon Linux 2018.3

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO

I am using ACME I believe and need to fix the TLS-SNI-01 expiration issue. I think I have provided all details that was requested.


#2

Try it with preferred challenge HTTP:
certbot certonly --debug -d blog.ohanacruises.com -d travel.ohanacruises.com --preferred-challenges http


#3

That seemed to work. It generated new certificates. I restarted HTTPD service but it doesn’t seem to be serving the new certificate with new validity dates. Am I missing something?


#4

Hmm…
Please show:
cerbot certificates
or try without
certonly


#5

Hi @jeffreylazo

your blog uses the new certificate ( https://check-your-website.server-daten.de/?q=blog.ohanacruises.com )

CN=blog.ohanacruises.com
	19.01.2019
	19.04.2019
	blog.ohanacruises.com - 1 entry

So this works. There is all good. Check your other domain the same way.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.