Problem to Execute ./certbot-auto command


#1

Please fill out the fields below so we can help you better.

My domain is: ./certbot-auto

I ran this command: ./certbot-auto

It produced this output: (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during domain verification :: Failed to connect to 104.18.61.114:443 for TLS-SNI-01 challenge

My operating system is (include version): CentOS Linux 6.2

My web server is (include version): Apache

I can login to a root shell on my machine (yes):


#2

What is your domain?

For some reason, without your domain I can’t say, LE could not connect to your domain on port 443 (https). I assume the IP is correct, but don’t know.

Looking at the IP address, it’s probably because you use Cloudflare, and have Cloudflare between your domain and LE.


#3

Our domain name is salatinvestments.com. Yes, we are on Cloudflare at the moment. How can we proceed forward?
Thanks…


#4

The easiest method may be to temporarily disable Cloudflare caching whilst you obtain a certificate.

Can I ask what you intend as an outcome in the end though? Do you intend to use the Cloudflare cache? In which case your users will see Cloudflare, and any certificate there, not the LE certificate on your domain. Or do you intend to turn caching off with Cloudflare? In which case they will reach your domain directly and see the certificate you obtain.


#5

I turned off Cloudflare. The previous error is solved, but it gives a new error: Error: should only be one vhost in /etc/httpd/conf/httpd.conf
Thanks


#6

Using certbot in “auto” mode, it expects only one domain in each vhost file in Apache. Do you have a control panel or have you manually configured your Apache?

You have 2 options: you can split up the Apache config into separate vhost files (one per domain) or you can specify the domain names you want on a single cert on the command line.


#7

I manually configured Apache.
How do I specify the domain names I want on a single cert on the command line?


#8

Use the “-d” option for each domain you want to add - see https://certbot.eff.org/docs/using.html#getting-certificates


#9

Please give me steps to solve this problem.


#10

What do you not understand in the documentation I linked to?


#11

How do I manually configure Apache?
What command do I use?


#12

Sorry, I’m confused since you asked

and now ask

Which do you want to do?

The first (which is the question I thought you were asking) is to use “-d yourdomain.com” on the command line - as is shown in the certbot manual I linked to.

The second, you need to split your Apache config into separate files (usually in /etc/httpd/domains in CentOS) with one domain in each vhost file. Then you can use the certbot auto command and it will read those files (as Apache also will).
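
A sketch of the second option in post #12 (one vhost per file), added here as an example and not part of the thread or of certbot: it splits the `<VirtualHost>` blocks out of a config text and lists each block's ServerName/ServerAlias names, which are also the names the first option would pass with “-d”. The sample config, the `host-port.conf` file naming and the function names are assumptions.

```python
import re

# Constructed sample: one httpd.conf holding two vhosts, the layout that
# produces "should only be one vhost in /etc/httpd/conf/httpd.conf".
SAMPLE_HTTPD_CONF = """\
ServerRoot "/etc/httpd"
Listen 80

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example
</VirtualHost>

<VirtualHost *:80>
    ServerName example.org
    DocumentRoot /var/www/example-org
</VirtualHost>
"""

VHOST_RE = re.compile(
    r"^[ \t]*<VirtualHost\s+([^>]+)>.*?^[ \t]*</VirtualHost>[ \t]*\n?",
    re.I | re.S | re.M)
NAMES_RE = re.compile(r"^[ \t]*Server(?:Name|Alias)[ \t]+(.+)$", re.I | re.M)


def names_in(block):
    """Hostnames from ServerName/ServerAlias (commented lines never match)."""
    return [n.lower() for line in NAMES_RE.findall(block) for n in line.split()]


def split_vhosts(conf_text):
    """Return (conf_without_vhosts, {filename: vhost_block})."""
    files = {}
    for i, m in enumerate(VHOST_RE.finditer(conf_text), 1):
        addr = m.group(1).split()[0]
        port = addr.rsplit(":", 1)[1] if ":" in addr else "any"
        names = names_in(m.group(0))
        host = names[0] if names else "unnamed%d" % i
        # Names come from the config file, so keep only filename-safe characters.
        fname = re.sub(r"[^a-z0-9.-]", "_", "%s-%s" % (host, port)) + ".conf"
        if fname in files:
            raise ValueError("two vhosts map to %s; merge or rename" % fname)
        files[fname] = m.group(0).strip() + "\n"
    return VHOST_RE.sub("", conf_text), files


if __name__ == "__main__":
    rest, files = split_vhosts(SAMPLE_HTTPD_CONF)
    for fname, block in sorted(files.items()):
        print("%s: %s" % (fname, " ".join(names_in(block))))
```

Apache only reads the split files if httpd.conf has an `Include` directive covering the directory they are written to, and `apachectl configtest` checks the result before a restart.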


#13

Actually I am new to this so any advice you may provide regarding the above
I am trying to separate the vhost but not solve this problem.
not run -d command properly.


#14

So have you managed to separate all the domains (I don’t know how many you have) into separate vhost files? (including http, port 80 and http, port 443 in separate files)

Have you restarted Apache?

What error do you get now?


#15

I am not able to separate the vhost.
Now I got the same error: Error: should only be one vhost in /etc/httpd/conf/httpd.conf


#16

Why?

If you have more than one domain in /etc/httpd/conf/httpd.conf still, then I’m not surprised that you still get that error - as nothing has changed. Perhaps someone else can help, as I think we are just going round in circles.


#17

I ran this command: ./certbot-auto.
I got a new error: archive directory exists for www.salatinvestments.com

