To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
you have an up-to-date TLS configuration that allows the server to
communicate with the Certbot client.
Could you please try run the program with following parameters?
sudo certbot renew --preferred-challenge http
This would switch you from the ‘kind of’ buggy tls-sni-01 to http validation… (Please make sure port 80 is open before executing the command)
it looks as if akash1, you have entered www.DomainName somewhere instead of your actual domain name. When it is trying to verify the domain it cannot find www.DomainName, hence the error?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
It produced this output: Failed authorization procedure. www.DomainName (tls-sni-01): urn:ietf:params:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
you have an up-to-date TLS configuration that allows the server to
communicate with the Certbot client.
My web server is (include version): Apache 2.4
The operating system my web server runs on is (include version): Amazon Linux
My hosting provider, if applicable, is: AWS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
It produced this output:
Failed authorization procedure. www.motostorelocator.com (tls-sni-01): urn:ietf:params:acme:error:tls :: The server experienced a TLS error during domain verification :: remote error: tls: handshake failure
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
you have an up-to-date TLS configuration that allows the server to
communicate with the Certbot client.
It’s work, it is showing below status:
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/motostorelocator.com/fullchain.pem (success)
So how did I use the renewed certificate?
Do I have to make any changes in SSL conf file?
For the auto renewal, you just need to use the same argument as before... (Just ./certbot-auto renew)
You don't need to make any changes to existing configuration file... You could simply restart your web-server if the Certificate is not properly reflected.
In a cron job you should probably not use the ./ because the path of the cron process might not be the same as the path where the certbot-auto program is saved. Instead, you could use the explicit path to the certbot-auto program.