Info below. This problem occurred spontaneously (i.e., I caused it at some unknown point). The hostname (which I assume wouldn’t be exposed to the world) is “frodo” and Chrome reports that certificate is issued to “frodo” and issued by “frodo” and /var/log/httpd/ssl_error has errors like: “ssl:warn] [pid 22036] AH01909: RSA certificate configured for bdsmfreestories.com:443 does NOT include an ID which matches the server name”
I guess certbot is picking up the hostname – probably because of something dumb I did – but I have no idea how this occurred or how to fix it. It’s curious, this cert covers bdsmfreestories.com, www.bdsmfreestories.com, dev1.bdsmfreestories.com and dev2.bdsmfreestories.com and both of the dev sites work fine.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: bdsmfreestories.com
I ran this command: It produced this output: The problem occurred at some unknown point. I did force a renwal and that didn’t change anything:
certbot --force-renewal renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/bdsmfreestories.com.conf
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for bdsmfreestories.com
http-01 challenge for dev1.bdsmfreestories.com
http-01 challenge for dev2.bdsmfreestories.com
http-01 challenge for www.bdsmfreestories.com
Waiting for verification…
Cleaning up challenges
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/bdsmfreestories.com/fullchain.pem
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/bdsmfreestories.com/fullchain.pem (success)
My web server is (include version): Apache 2.4.6
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: CentOS 7.6.1810
Yes, I can login to a root shell
No, I’m NOT using cpanel/WHM/etc.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.35.1