New server, same domain name - Incorrect validation certificate for tls-sni-01 challenge

I’ve installed fresh certbot and wanted to issue certificate with command:

certbot certonly --email my@mail.com --agree-tos --standalone -d my.domain.cz

But it failed with response:

Domain: my.domain.cz
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
65687e08f5e09ffdff1ce3asdasdasdasdasd349.acme.invalid
from XXX.YYY.YYY.YYY:443. Received 2 certificate(s), first
certificate had names “bla.domain.cz, bla2.domain.cz

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.

I was using certbot on same server before but I’ve reinstalled it and didn’t backup letsencrypt keys.

What should I do now? Thanks!

This was caused by the wrong port forwarding setting (to another server). All is working now.

Alternatively you can use port 80 to check domain:

certbot certonly --email my@mail.com --agree-tos --standalone --standalone-supported-challenges http-01 -d my.domain.com

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.