Not able to obtain lets encrypt certificate


I am trying hard to find a solution and also used some help from this topic and I am following the tutorial from here

My domain is:

I ran this command: sudo lego --email="" --domains=makeyourbrand --path="/etc/lego" --webroot="/opt/bitnami/apps/wordpress/htdocs/" run

It produced this output:
2018/12/18 11:07:22 [INFO] [makeyourbrand,] acme: Obtaining bundled SAN certificate
2018/12/18 11:07:22 Could not obtain certificates
acme: Error 400 - urn:ietf:params:acme:error:malformed - Error creating new order :: DNS name does not have enough labels

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I am confused on how to solve this issue, as not much error data is available. I hope someone can help me on this ?


That should be “” – the first one is missing “.in”.

Edit: Actually, I’m not sure, but it might need more quotation marks, like:

--domains="" --domains=""


Thank you for replying, it worked for sometime :stuck_out_tongue: , this time I got a new error actually.

2018/12/18 11:23:04 [INFO] [] acme: Trying to solve HTTP-01
2018/12/18 11:23:09 accept tcp [::]:80: use of closed network connection
2018/12/18 11:23:09 Could not obtain certificates
acme: Error -> One or more domains had a problem:
[] acme: Error 400 - urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up A for

#4 has this IP address:       300     IN      A

But doesn’t have any DNS records. You have to add another A record for www.

By the way, it looks like your web server isn’t running right now.


That worked!!! I moved on to STEP 3. and I ran the first command but then error pops up

mv: cannot stat '/opt/bitnami/apache2/conf/server.crt': No such file or directory

I checked the directory and there was no such server.crt. Did I miss some command ?

I have attached the files image - here


There is no server.crt ,server.key or server.csr files in /opt/bitnami/apache2/conf/ directory. and I followed exactly same steps as mentioned in the tutorial here


That step simple moves any pre-existing cert to “old” and links to the new cert.
You can ignore the errors about the “mv” for pre-existing cert if you never had one.
As long as you have the new cert:
ls -l /etc/lego/certificates/DOMAIN.*
You should be ok to confinue.


@rg305 Thank you for replying, I have completed all the steps but when I run my website on https. It says “ERR_SSL_PROTOCOL_ERROR” in google chrome.


I’m new to lego, so please bear with me.
Let’s see if you did get a new cert:
Pleas show:
ls -l /etc/lego/certificates/


total 16
-rw------- 1 root root 3596 Dec 19 04:05
-rw------- 1 root root 1648 Dec 19 04:05
-rw------- 1 root root 237 Dec 19 04:05
-rw------- 1 root root 1675 Dec 19 04:05


OK that looks good.
Now let’s see if the bitnami cert(s) match to any of those files.
Please show:
ls -l /opt/bitnami/nginx/conf/server.*


Its Apache, below is the response. I see below lines in red in command prompt.

lrwxrwxrwx 1 root root  40 Dec 19 03:58 /opt/bitnami/apache2/conf/server.crt -> /etc/lego/certificates/makeyourbrand.crt
lrwxrwxrwx 1 root root  33 Dec 16 08:46 /opt/bitnami/apache2/conf/server.crt.old -> /etc/lego/certificates/DOMAIN.crt
-rw------- 1 root root 985 Dec 14 07:29 /opt/bitnami/apache2/conf/server.csr.old
lrwxrwxrwx 1 root root  40 Dec 19 03:57 /opt/bitnami/apache2/conf/server.key -> /etc/lego/certificates/makeyourbrand.key
lrwxrwxrwx 1 root root  33 Dec 16 08:46 /opt/bitnami/apache2/conf/server.key.old -> /etc/lego/certificates/DOMAIN.key


That also looks good.
Have you restarted bitnami?
sudo /opt/bitnami/ stop
sudo /opt/bitnami/ start


Yes I did, but still it shows error “ERR_SSL_PROTOCOL_ERROR” :confused:


Did it work with https using the previous cert?
If not, did https ever work?


This is the first time I am using https using let’s encrypt.


OK then there may be some basic https requirements that have not yet been met.
Is there a file or location where you can specify the use of:
TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3
And specific ciphers?


I am new to aws, but never faced this problem. So could you help me ?


I am trying to help you :slight_smile:

Let’s try finding a file for configuring bitnami:
find / -name bitnami.conf


Thank you for considering :slight_smile: , I really appreciate that and will learn a lot from this