Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: yachats.photos
I ran this command:
acme.sh --issue --domain 'yachats.photos' --dns 'dns_gd' --domain '*.yachats.photos' --dns 'dns_gd' --home '/tmp/acme/Yachats.Photos/' --accountconf '/tmp/acme/Yachats.Photos/accountconf.conf'
It produced this output: acme.sh successfully expanded the certificate and deployed it properly.
My web server is (include version): Apache/2.4.46 (Ubuntu)
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: Self Hosted
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): acme.sh (thanks neilpang)
This morning I decided to expand my certificate to include a wildcard. Everything worked perfectly. Until I visited the site:
And of course I went to SSL labs and verified my suspicion.
So now I have two certificates and the one requiring stapling is throwing an error and the one that is not requiring stapling works just fine.
All of the other sites hosted on this particular server have stapling enabled and I am guessing that the stapling cache is what is keeping them from throwing errors.
EDIT: I know this is an intermittent issue or at least I believe it is, but I thought I should file a report since this is the first time I actually saw my server itself throw the error and not SSL labs.