Problem executing the ./certbot-auto command

Please fill out the fields below so we can help you better.

My domain is: ./certbot-auto

I ran this command: ./certbot-auto

It produced this output: (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: Failed to connect to 104.18.61.114:443 for TLS-SNI-01 challenge

My operating system is (include version): CentOS Linux 6.2

My web server is (include version): Apache

I can login to a root shell on my machine (yes):

What is your domain?

For some reason (without your domain I can’t say why), LE could not connect to your domain on port 443 (https). I assume the IP is correct, but don’t know.

Looking at the IP address, it’s probably because you use Cloudflare, and have Cloudflare between your domain and LE.

Our domain name is salatinvestments.com. Yes, we are on Cloudflare at the moment. How can we proceed?
Thanks…

The easiest method may be to temporarily disable Cloudflare caching whilst you obtain a certificate.

Can I ask what you intend as the outcome in the end, though? Do you intend to use the Cloudflare cache? In which case your users will see Cloudflare, and any certificate there, not the LE certificate on your domain. Or do you intend to turn caching off with Cloudflare? In which case they will reach your domain directly and see the certificate you obtain.

I turned off Cloudflare. The previous error is solved, but it gives a new error: Error: should only be one vhost in /etc/httpd/conf/httpd.conf
Thanks

Using certbot in “auto” mode, it expects only one domain in each vhost file in Apache. Do you have a control panel or have you manually configured your Apache?

You have 2 options: you can split up the Apache config into separate vhost files (one per domain), or you can specify the domain names you want on a single cert on the command line.

I manually configured Apache.
How do I specify the domain names I want on a single cert on the command line?

Use the “-d” option for each domain you want to add - see https://certbot.eff.org/docs/using.html#getting-certificates

Please give me steps to solve this problem.

What do you not understand in the documentation I linked to?

How to manually configure Apache.
What command do I use?

Sorry, I'm confused since you asked

and now ask

Which do you want to do?

The first (which is the question I thought you were asking) is to use "-d yourdomain.com" on the command line - as is shown in the certbot manual I linked to.

The second, you need to split your Apache config into separate files (usually in /etc/httpd/domains in CentOS) with one domain in each vhost file. Then you can use the certbot-auto command and it will read those files (as Apache also will).
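Added example, not part of the original thread and not certbot's own code: one way to carry out the second option (one vhost per file) without hand-editing. The helper names `split_vhosts` and `write_sample`, the output file naming and the sample config are assumptions constructed for illustration; the script only reads the source config and writes copies elsewhere.

```shell
#!/bin/sh
# split_vhosts CONF OUTDIR  (hypothetical helper, not part of certbot)
# Copies each <VirtualHost> block of CONF to OUTDIR/<ServerName>-<port>.conf,
# writes everything else to OUTDIR/httpd.conf.stripped, and prints the number
# of blocks found. CONF itself is never modified.
split_vhosts() {
    mkdir -p "$2" || return 1
    awk -v outdir="$2" '
        function emit(   f, i) {
            if (name == "") name = "unnamed" n
            gsub(/[^A-Za-z0-9._-]/, "_", name)   # keep file names inside outdir
            f = outdir "/" name "-" port ".conf"
            for (i = 1; i <= cnt; i++) print buf[i] > f
            close(f)
        }
        tolower($1) == "<virtualhost" {          # e.g. <VirtualHost *:443>
            invh = 1; n++; cnt = 0; name = ""
            port = $2; sub(/^.*:/, "", port); sub(/>.*$/, "", port)
            if (port !~ /^[0-9]+$/) port = "any"
        }
        invh {
            buf[++cnt] = $0
            if (tolower($1) == "servername") { name = $2; sub(/:.*$/, "", name) }
            if (tolower($1) ~ /^<\/virtualhost>/) { emit(); invh = 0 }
            next
        }
        { print > (outdir "/httpd.conf.stripped") }
        END { print n + 0 }
    ' "$1"
}

# Constructed sample standing in for /etc/httpd/conf/httpd.conf.
write_sample() {
    cat > "$1" <<'EOF'
Listen 80
<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/example
</VirtualHost>
<VirtualHost *:443>
    ServerName www.example.org:443
    DocumentRoot /var/www/org
</VirtualHost>
EOF
}
```

Review the generated files before replacing anything, keep a backup of the original httpd.conf, and run `apachectl configtest` before restarting Apache. Assuming the per-vhost files end up in /etc/httpd/domains, the main config needs a line such as `Include domains/*.conf` to load them.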

Actually, I am new to this, so any advice you may provide regarding the above would help.
I am trying to separate the vhost, but it did not solve this problem.
The -d command did not run properly.

So have you managed to separate all the domains (I don’t know how many you have) into separate vhost files? (including http, port 80 and http, port 443 in separate files)

Have you restarted Apache?

What error do you get now?

I am not able to separate the vhost.
Now I get the same error: Error: should only be one vhost in /etc/httpd/conf/httpd.conf

Why?

If you have more than one domain in /etc/httpd/conf/httpd.conf still, then I'm not surprised that you still get that error - as nothing has changed. Perhaps someone else can help, as I think we are just going round in circles.

I ran this command: ./certbot-auto.
I got a new error: archive directory exists for www.salatinvestments.com
