Just spun up this server yesterday on Linode. We’ve had issues getting Letsencrypt up and running since the start so the current MaxRetryError is just the last in a series. We’re not having issues with install or operations on our other servers with Letsencrypt. We used https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx for install instructions.
My domain is:
staging1.vividiridium.com
I ran this command:
sudo certbot --nginx
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel): --redacted–
Certificate did not match expected hostname: acme-v02.api.letsencrypt.org. Certificate: {‘subject’: (((‘countryName’, ‘US’),), ((‘stateOrProvinceName’, ‘Texas’),), ((‘localityName’, ‘Fort Worth’),), ((‘jurisdictionCountryName’, ‘US’),), ((‘jurisdictionStateOrProvinceName’, ‘Delaware’),), ((‘organizationName’, ‘American Airlines Inc’),), ((‘businessCategory’, ‘Private Organization’),), ((‘serialNumber’, ‘0332421’),), ((‘commonName’, ‘av.aa.com’),)), ‘issuer’: (((‘countryName’, ‘US’),), ((‘organizationName’, ‘Entrust, Inc.’),), ((‘organizationalUnitName’, ‘See www.entrust.net/legal-terms’),), ((‘organizationalUnitName’, ‘© 2014 Entrust, Inc. - for authorized use only’),), ((‘commonName’, ‘Entrust Certification Authority - L1M’),)), ‘version’: 3, ‘serialNumber’: ‘5EDEDE15D8622B120000000054D0C24A’, ‘notBefore’: ‘Jan 13 16:25:04 2020 GMT’, ‘notAfter’: ‘Jan 13 16:55:04 2022 GMT’, ‘subjectAltName’: ((‘DNS’, ‘av.aa.com’), (‘DNS’, ‘www.simplymiles.com’), (‘DNS’, ‘simplymiles.com’), (‘DNS’, ‘resagent.aa.com’), (‘DNS’, ‘asguard.aa.com’)), ‘OCSP’: (‘http://ocsp.entrust.net’,), ‘caIssuers’: (‘http://aia.entrust.net/l1m-chain256.cer’,), ‘crlDistributionPoints’: (‘http://crl.entrust.net/level1m.crl’,)}
An unexpected error occurred:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 601, in urlopen
chunked=chunked)
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 346, in _make_request
self._validate_conn(conn)
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 852, in _validate_conn
conn.connect()
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 346, in connect
_match_hostname(cert, self.assert_hostname or hostname)
File “/usr/lib/python3/dist-packages/urllib3/connection.py”, line 356, in _match_hostname
match_hostname(cert, asserted_hostname)
File “/usr/lib/python3.6/ssl.py”, line 327, in match_hostname
% (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname ‘acme-v02.api.letsencrypt.org’ doesn’t match either of ‘av.aa.com’, ‘www.simplymiles.com’, ‘simplymiles.com’, ‘resagent.aa.com’, ‘asguard.aa.com’
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/requests/adapters.py”, line 440, in send
timeout=timeout
File “/usr/lib/python3/dist-packages/urllib3/connectionpool.py”, line 639, in urlopen
_stacktrace=sys.exc_info()[2])
File “/usr/lib/python3/dist-packages/urllib3/util/retry.py”, line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by SSLError(CertificateError(“hostname ‘acme-v02.api.letsencrypt.org’ doesn’t match either of ‘av.aa.com’, ‘www.simplymiles.com’, ‘simplymiles.com’, ‘resagent.aa.com’, ‘asguard.aa.com’”,),))
During handling of the above exception, another exception occurred:
requests.exceptions.SSLError: HTTPSConnectionPool(host=‘acme-v02.api.letsencrypt.org’, port=443): Max retries exceeded with url: /directory (Caused by SSLError(CertificateError(“hostname ‘acme-v02.api.letsencrypt.org’ doesn’t match either of ‘av.aa.com’, ‘www.simplymiles.com’, ‘simplymiles.com’, ‘resagent.aa.com’, ‘asguard.aa.com’”,),))
Please see the logfiles in /var/log/letsencrypt for more details.
My web server is (include version):
nginx version: nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 18.04
My hosting provider, if applicable, is:
self
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 0.31.0