Problemas para generar certificado SSL

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: viveplus.com.mx

I ran this command: certbot --apache

It produced this output:

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 22
Certificate not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/viveplus.com.mx-0001.conf)

What would you like to do?

1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Deploying certificate
Successfully deployed certificate for viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Congratulations! You have successfully enabled HTTPS on https://viveplus.com.mx

If you like Certbot, please consider supporting our work by:

• Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
• Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

My web server is (include version): apache 2.4.41

The operating system my web server runs on is (include version): ubuntu 20

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): CLI EC2

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):2.6

Hola, tengo un problema con mis certificados, no puedo generar nuevos certificados,
Ejemplo, intento generar un certificado para mi subdominio "prod.midominio.com" pero cuando genero este certificado mi dominio principal "midominio.com"
dejar de tener certificado ssl y lo mismo pasa a la inversa

Can you provide more information as requested by the questionnaire? If a question is not applicable or you're e.g. self-hosting it at home, please also mention that.

Also, the command or commands used and its output are of utmost importance, please answer those questions as detailled as possible.

I'm sorry, I already updated the data:)

Looks like you're selecting just a single hostname from the options provided. Thus, it would make sense you end up with a certificate containing just a single hostname, as you've requested that specifically.

Could you please post the entire output of the command certbot certificates to see which certificates you currently have in Certbot? Because if I look at https://crt.sh/?deduplicate=Y&q=viveplus.com.mx there are quite a lot of different certificates issued recently. (The crt.sh website might have some timeout/performance issues by the way.)

I'm new to this, I'm sorry I didn't understand what you asked me, could you explain me?, I share the whole context
I have this domain www.viveplus.com.mx/ and subdomain offers.viveplus.com.mx
and when im certificate the domain www.viveplus.com.mx/

the certificate works!

But then when im try to certificate the subdomain offers.viveplus.com.mx, it works too,

but the certificate of viveplus.com.mx stop works

And its the same when i do it backwards

When im certificate viveplus.com.mx

the certificate of offers.viveplus.com.mx stop works!

as if they were taking it from each other!! :c

no matter the option to renew or reinstall, the output are the same in both cases

image776×296 9.05 KB

All this certificates are in the output of certbot certificate
Its bad?

Found the following certs:
Certificate Name: api.viveplus.com.mx
Serial Number:
Key Type: ECDSA
Domains: api.viveplus.com.mx
Expiry Date: 2023-08-31 20:40:48+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/api.viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/api.viveplus.com.mx/privkey.pem
Certificate Name: app.arajettravelassist.com
Serial Number:
Key Type: ECDSA
Domains: app.arajettravelassist.com
Expiry Date: 2023-08-31 15:01:31+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/app.arajettravelassist.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/app.arajettravelassist.com/privkey.pem
Certificate Name: beneficiosfalabella.com.mx
Serial Number:
Key Type: RSA
Domains: beneficiosfalabella.com.mx www.beneficiosfalabella.com.mx
Expiry Date: 2023-08-14 02:02:16+00:00 (VALID: 70 days)
Certificate Path: /etc/letsencrypt/live/beneficiosfalabella.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/beneficiosfalabella.com.mx/privkey.pem
Certificate Name: beneficioslikeu.com.mx
Serial Number:
Key Type: RSA
Domains: beneficioslikeu.com.mx
Expiry Date: 2023-02-20 14:16:57+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/beneficioslikeu.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/beneficioslikeu.com.mx/privkey.pem
Certificate Name: crm.viveplus.com.mx
Serial Number:
Key Type: RSA
Domains: crm.viveplus.com.mx apilanding.viveplus.com.mx offers.viveplus.com.mx
Expiry Date: 2023-06-08 15:17:42+00:00 (VALID: 4 days)
Certificate Path: /etc/letsencrypt/live/crm.viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/crm.viveplus.com.mx/privkey.pem
Certificate Name: descuentoscpm.com
Serial Number:
Key Type: RSA
Domains: descuentoscpm.com www.descuentoscpm.com
Expiry Date: 2023-07-16 05:15:57+00:00 (VALID: 41 days)
Certificate Path: /etc/letsencrypt/live/descuentoscpm.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/descuentoscpm.com/privkey.pem
Certificate Name: efectivalebeneficios.com
Serial Number:
Key Type: RSA
Domains: efectivalebeneficios.com www.efectivalebeneficios.com
Expiry Date: 2023-08-30 02:04:08+00:00 (VALID: 86 days)
Certificate Path: /etc/letsencrypt/live/efectivalebeneficios.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/efectivalebeneficios.com/privkey.pem
Certificate Name: email-reward.mx
Serial Number:
Key Type: ECDSA
Domains: email-reward.mx sub1.email-reward.mx www.email-reward.mx
Expiry Date: 2023-09-01 19:28:04+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/email-reward.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/email-reward.mx/privkey.pem
Certificate Name: hoteles.arajettravelassist.com-0001
Serial Number:
Key Type: ECDSA
Domains: app.arajettravelassist.com
Expiry Date: 2023-08-31 15:01:31+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/hoteles.arajettravelassist.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/hoteles.arajettravelassist.com-0001/privkey.pem
Certificate Name: hoteles.arajettravelassist.com-0002
Serial Number:
Key Type: ECDSA
Domains: app.arajettravelassist.com
Expiry Date: 2023-08-31 15:01:31+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/hoteles.arajettravelassist.com-0002/fullchain.pem
Private Key Path: /etc/letsencrypt/live/hoteles.arajettravelassist.com-0002/privkey.pem
Certificate Name: offers.viveplus.com.mx
Serial Number:
Key Type: ECDSA
Domains: offers.viveplus.com.mx
Expiry Date: 2023-09-02 08:10:37+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/offers.viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/offers.viveplus.com.mx/privkey.pem
Certificate Name: plataforma-viajes.com.mx
Serial Number:
Key Type: RSA
Domains: plataforma-viajes.com.mx www.plataforma-viajes.com.mx
Expiry Date: 2023-08-22 02:07:57+00:00 (VALID: 78 days)
Certificate Path: /etc/letsencrypt/live/plataforma-viajes.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/plataforma-viajes.com.mx/privkey.pem
Certificate Name: sitios.viveplus.com.mx
Serial Number:
Key Type: RSA
Domains: sitios.viveplus.com.mx
Expiry Date: 2023-08-03 02:01:14+00:00 (VALID: 59 days)
Certificate Path: /etc/letsencrypt/live/sitios.viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/sitios.viveplus.com.mx/privkey.pem
Certificate Name: supercuentaproteccion.com.mx
Serial Number:
Key Type: RSA
Domains: supercuentaproteccion.com.mx www.supercuentaproteccion.com.mx
Expiry Date: 2023-08-23 02:01:05+00:00 (VALID: 79 days)
Certificate Path: /etc/letsencrypt/live/supercuentaproteccion.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/supercuentaproteccion.com.mx/privkey.pem
Certificate Name: travelassistanceavianca.com
Serial Number:
Key Type: RSA
Domains: travelassistanceavianca.com www.travelassistanceavianca.com
Expiry Date: 2023-07-08 02:07:04+00:00 (VALID: 33 days)
Certificate Path: /etc/letsencrypt/live/travelassistanceavianca.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/travelassistanceavianca.com/privkey.pem
Certificate Name: viveplus.com.mx-0001
Serial Number:
Key Type: ECDSA
Domains: viveplus.com.mx
Expiry Date: 2023-09-02 02:30:55+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/viveplus.com.mx-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/viveplus.com.mx-0001/privkey.pem
Certificate Name: viveplus.com.mx
Serial Number:
Key Type: RSA
Domains: viveplus.com.mx apilanding.viveplus.com.mx offers.viveplus.com.mx prod.viveplus.com.mx www.viveplus.com.mx
Expiry Date: 2023-08-29 19:26:04+00:00 (VALID: 86 days)
Certificate Path: /etc/letsencrypt/live/viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/viveplus.com.mx/privkey.pem
Certificate Name: www.asistenciasviajes.com.mx
Serial Number:
Key Type: RSA
Domains: www.asistenciasviajes.com.mx
Expiry Date: 2023-08-27 02:05:11+00:00 (VALID: 83 days)
Certificate Path: /etc/letsencrypt/live/www.asistenciasviajes.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.asistenciasviajes.com.mx/privkey.pem
Certificate Name: www.beneficioslikeu.com.mx
Serial Number:
Key Type: RSA
Domains: www.beneficioslikeu.com.mx
Expiry Date: 2023-08-24 01:20:00+00:00 (VALID: 80 days)
Certificate Path: /etc/letsencrypt/live/www.beneficioslikeu.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.beneficioslikeu.com.mx/privkey.pem
Certificate Name: www.viveplus.com.mx-0001
Serial Number:
Key Type: ECDSA
Domains: www.viveplus.com.mx
Expiry Date: 2023-08-31 21:22:28+00:00 (VALID: 88 days)
Certificate Path: /etc/letsencrypt/live/www.viveplus.com.mx-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.viveplus.com.mx-0001/privkey.pem
Certificate Name: www.viveplus.com.mx
Serial Number:
Key Type: RSA
Domains: viveplus.com.mx www.viveplus.com.mx
Expiry Date: 2023-08-07 16:04:31+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/www.viveplus.com.mx/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.viveplus.com.mx/privkey.pem

As you can see yourself you have a lot of certificates for a lot of hostnames of the viveplus.com.mx domain.

The certificate with "Certificate Name" viveplus.com.mx has the most hostnames contained in it already and is still valid for 86 days, including the offers subdomain. It's only missing the subdomains sitios, crm and api.

You can use the apache authenticator to select all hostnames for a single certificate, but my suggestion would be to use the command line to provide all the necessary information with the following command:

certbot --apache --cert-name viveplus.com.mx --expand -d "viveplus.com.mx,www.viveplus.com.mx,api.viveplus.com.mx,apilanding.viveplus.com.mx,offers.viveplus.com.mx,prod.viveplus.com.mx,crm.viveplus.com.mx,sitios.viveplus.com.mx"

I believe the above command contains all the subdomains you have in the different, separate certificates. And it should expand the existing certificate. AND install the new certificate into Apache for all the virtualhosts, if your Apache configuration is properly set up.

If the above Certbot command works and the certificate is installed correctly into Apache, you can check the command certbot certificates again to see the expanded certificate for yourself. If all the OTHER viveplus.com.mx certificates are not in use any longer (i.e., not by Apache and not by any other service you might have installed the certificates manually into), you can delete the other certificates by using the certbot delete command. See the Certbot documentation at User Guide — Certbot 2.6.0 documentation to see how.

ok i will try with the command you provide but i have 2 doubts
How can I remove duplicate certificates?
I read in the documentation something about revoke and delete, what would be the difference between the two?
The other question is: once I used the certbot delete and the whole service fell apart because it couldn't find the folders that I just asked it to delete

The link I provided above goes to the delete section, which should be appropriate. Revoking is not the same as deleting and is usually only necessary if there has been a security breach and/or leakage of the private key. If you simply wish to delete a certificate, then revoking is not necessary.

Not really a question here but as I already said (and which is explained in the documentation I linked above), you should ONLY delete a certificate AFTER you've made sure no service (Apache/mailserver/et cetera) uses the certificate you're about to delete any longer. If you DON'T do that step (i.e., a certificate is still in use AND deleted), then you can run into issues indeed.

Another question, what would happen if I don't put a domain in that command? Would there be problems later to solve that domain?

The same was what happened with your previous command: Certbot would ask you to select one or multiple hostnames from a list it provided.

Now I'm coming in a few seconds, I'll go try the command that it provides me, I hope it works, I've been stuck for days! :'C

An RSA certificate named viveplus.com.mx already exists. Do you want to update
its key type to ECDSA?

(U)pdate key type/(K)eep existing key type:

what im should select?

Probably not very important, but to keep things simple let's just "(K)eep" the existing key type.

its works!!!!

but now, not found my page :'c
maybe can be

image830×429 28.8 KB

Could it be because of the commands we enter in the console?

i just put this commands

root@sitios:/home/ubuntu# certbot --apache --cert-name viveplus.com.mx --expand -d "viveplus.com.mx,www.viveplus.com.mx,api.viveplus.com.mx,apilanding.viveplus.com.mx,offers.viveplus.com.mx,prod.viveplus.com.mx,crm.viveplus.com.mx,sitios.viveplus.com.mx"
Saving debug log to /var/log/letsencrypt/letsencrypt.log

An RSA certificate named viveplus.com.mx already exists. Do you want to update
its key type to ECDSA?

(U)pdate key type/(K)eep existing key type: k

You are updating certificate viveplus.com.mx to include new domain(s):

• api.viveplus.com.mx
• crm.viveplus.com.mx
• sitios.viveplus.com.mx

You are also removing previously included domain(s):
(None)

Did you intend to make this change?

(U)pdate certificate/(C)ancel: u
Renewing an existing certificate for viveplus.com.mx and 7 more domains

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/viveplus.com.mx/fullchain.pem
Key is saved at: /etc/letsencrypt/live/viveplus.com.mx/privkey.pem
This certificate expires on 2023-09-02.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for www.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for api.viveplus.com.mx to /etc/apache2/sites-enabled/100-api.viveplus.com.mx.vhost
Successfully deployed certificate for apilanding.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for offers.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for prod.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for crm.viveplus.com.mx to /etc/apache2/sites-enabled/100-crm.viveplus.com.mx.vhost

We were unable to find a vhost with a ServerName or Address of sitios.viveplus.com.mx.
Which virtual host would you like to choose?

1: 100-api.viveplus.com.mx.vhost | Multiple Names | | Enabled
2: 100-api.viveplus.com.mx.vhost | Multiple Names | HTTPS | Enabled
3: 100-beneficioslikeu.com.mx.vho | Multiple Names | | Enabled
4: 100-beneficioslikeu.com.mx.vho | Multiple Names | HTTPS | Enabled
5: 100-beneficiosfalabella.com.mx | Multiple Names | | Enabled
6: 100-beneficiosfalabella.com.mx | Multiple Names | HTTPS | Enabled
7: 100-descuentoscpm.com.vhost | Multiple Names | | Enabled
8: 100-descuentoscpm.com.vhost | Multiple Names | HTTPS | Enabled
9: 100-plataforma-viajes.com.mx.v | Multiple Names | | Enabled
10: 100-plataforma-viajes.com.mx.v | Multiple Names | HTTPS | Enabled
11: 100-beneficios.daliaempower.co | Multiple Names | | Enabled
12: 000-default.conf | | | Enabled
13: 100-efectivalebeneficios.com.v | Multiple Names | | Enabled
14: 100-efectivalebeneficios.com.v | Multiple Names | HTTPS | Enabled
15: 100-email-reward.mx.vhost | Multiple Names | | Enabled
16: 100-email-reward.mx.vhost | Multiple Names | HTTPS | Enabled
17: 000-ispconfig.vhost | | HTTPS | Enabled
18: 100-travelassistanceavianca.co | Multiple Names | | Enabled
19: 100-travelassistanceavianca.co | Multiple Names | HTTPS | Enabled
20: 100-businessmail.com.vhost | Multiple Names | | Enabled
21: 000-apps.vhost | | HTTPS | Enabled
22: tuasistenciavial.com.mx.vhost- | Multiple Names | HTTPS | Enabled
23: 100-crm.viveplus.com.mx.vhost | crm.viveplus.com.mx | | Enabled
24: 100-crm.viveplus.com.mx.vhost | crm.viveplus.com.mx | HTTPS | Enabled
25: 100-viajeslivit.mx.vhost | Multiple Names | | Enabled
26: 100-viajeslivit.mx.vhost | Multiple Names | HTTPS | Enabled
27: 100-viveplus.com.mx.vhost | Multiple Names | | Enabled
28: 100-viveplus.com.mx.vhost | Multiple Names | HTTPS | Enabled
29: 100-pruebas.com.mx.vhost | Multiple Names | | Enabled
30: 100-arajettravelassist.com.vho | Multiple Names | | Enabled
31: 100-arajettravelassist.com.vho | Multiple Names | HTTPS | Enabled
32: 100-supercuentaproteccion.com. | Multiple Names | | Enabled
33: 100-supercuentaproteccion.com. | Multiple Names | HTTPS | Enabled
34: arajettravelassist.com.vhost-l | Multiple Names | HTTPS | Enabled
35: arajettravelassist.com.vhost-l | Multiple Names | | Enabled
36: 100-tuasistenciavial.com.mx.vh | Multiple Names | | Enabled
37: 100-tuasistenciavial.com.mx.vh | Multiple Names | HTTPS | Enabled

Select the appropriate number [1-37] then [enter] (press 'c' to cancel): ^CCould not install certificate
Exiting due to user request.
root@sitios:/home/ubuntu# certbot --apache --cert-name viveplus.com.mx --expand -d "viveplus.com.mx,www.viveplus.com.mx,api.viveplus.com.mx,apilanding.viveplus.com.mx,offers.viveplus.com.mx,prod.viveplus.com.mx,crm.viveplus.com.mx,sitios.viveplus.com.mx"
Saving debug log to /var/log/letsencrypt/letsencrypt.log

An RSA certificate named viveplus.com.mx already exists. Do you want to update
its key type to ECDSA?

(U)pdate key type/(K)eep existing key type: k
Certificate not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/viveplus.com.mx.conf)

What would you like to do?

1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Deploying certificate
Successfully deployed certificate for viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for www.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for api.viveplus.com.mx to /etc/apache2/sites-enabled/100-api.viveplus.com.mx.vhost
Successfully deployed certificate for apilanding.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for offers.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for prod.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Successfully deployed certificate for crm.viveplus.com.mx to /etc/apache2/sites-enabled/100-crm.viveplus.com.mx.vhost

We were unable to find a vhost with a ServerName or Address of sitios.viveplus.com.mx.
Which virtual host would you like to choose?

1: 100-api.viveplus.com.mx.vhost | Multiple Names | | Enabled
2: 100-api.viveplus.com.mx.vhost | Multiple Names | HTTPS | Enabled
3: 100-beneficioslikeu.com.mx.vho | Multiple Names | | Enabled
4: 100-beneficioslikeu.com.mx.vho | Multiple Names | HTTPS | Enabled
5: 100-beneficiosfalabella.com.mx | Multiple Names | | Enabled
6: 100-beneficiosfalabella.com.mx | Multiple Names | HTTPS | Enabled
7: 100-descuentoscpm.com.vhost | Multiple Names | | Enabled
8: 100-descuentoscpm.com.vhost | Multiple Names | HTTPS | Enabled
9: 100-plataforma-viajes.com.mx.v | Multiple Names | | Enabled
10: 100-plataforma-viajes.com.mx.v | Multiple Names | HTTPS | Enabled
11: 100-beneficios.daliaempower.co | Multiple Names | | Enabled
12: 000-default.conf | | | Enabled
13: 100-efectivalebeneficios.com.v | Multiple Names | | Enabled
14: 100-efectivalebeneficios.com.v | Multiple Names | HTTPS | Enabled
15: 100-email-reward.mx.vhost | Multiple Names | | Enabled
16: 100-email-reward.mx.vhost | Multiple Names | HTTPS | Enabled
17: 000-ispconfig.vhost | | HTTPS | Enabled
18: 100-travelassistanceavianca.co | Multiple Names | | Enabled
19: 100-travelassistanceavianca.co | Multiple Names | HTTPS | Enabled
20: 100-businessmail.com.vhost | Multiple Names | | Enabled
21: 000-apps.vhost | | HTTPS | Enabled
22: tuasistenciavial.com.mx.vhost- | Multiple Names | HTTPS | Enabled
23: 100-crm.viveplus.com.mx.vhost | crm.viveplus.com.mx | | Enabled
24: 100-crm.viveplus.com.mx.vhost | crm.viveplus.com.mx | HTTPS | Enabled
25: 100-viajeslivit.mx.vhost | Multiple Names | | Enabled
26: 100-viajeslivit.mx.vhost | Multiple Names | HTTPS | Enabled
27: 100-viveplus.com.mx.vhost | Multiple Names | | Enabled
28: 100-viveplus.com.mx.vhost | Multiple Names | HTTPS | Enabled
29: 100-pruebas.com.mx.vhost | Multiple Names | | Enabled
30: 100-arajettravelassist.com.vho | Multiple Names | | Enabled
31: 100-arajettravelassist.com.vho | Multiple Names | HTTPS | Enabled
32: 100-supercuentaproteccion.com. | Multiple Names | | Enabled
33: 100-supercuentaproteccion.com. | Multiple Names | HTTPS | Enabled
34: arajettravelassist.com.vhost-l | Multiple Names | HTTPS | Enabled
35: arajettravelassist.com.vhost-l | Multiple Names | | Enabled
36: 100-tuasistenciavial.com.mx.vh | Multiple Names | | Enabled
37: 100-tuasistenciavial.com.mx.vh | Multiple Names | HTTPS | Enabled

Select the appropriate number [1-37] then [enter] (press 'c' to cancel): 28
Successfully deployed certificate for sitios.viveplus.com.mx to /etc/apache2/sites-enabled/100-viveplus.com.mx.vhost
Added an HTTP->HTTPS rewrite in addition to other RewriteRules; you may wish to check for overall consistency.
Congratulations! You have successfully enabled HTTPS on https://viveplus.com.mx, https://www.viveplus.com.mx, https://api.viveplus.com.mx, https://apilanding.viveplus.com.mx, https://offers.viveplus.com.mx, https://prod.viveplus.com.mx, https://crm.viveplus.com.mx, and https://sitios.viveplus.com.mx

If you like Certbot, please consider supporting our work by:

• Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
• Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

root@sitios:/home/ubuntu#

Looks like some kind of setting (?) in the software used on your website.

This Community is probably not the correct place to debug that. It looks like your main website is working, including the HTTP to HTTPS redirect. But e.g. from that 1 through 37 output at the bottom of the Certbot output it looks like the site offers.viveplus.com.mx isn't known to Apache to begin with.

So to me it looks more like a webserver/website configuration issue than a certificate issue. Good luck with that

I already validated and it seems to be fine!
You are a teacher! genius of geniuses! Thank you very much for the patience!
I sent you a private message to save your master's contact! Have a good day/night/afternoon!

Thanks for the kind words

We prefer to keep everything open on the Community without support in private messages If you experience more certificate issues which is unrelated to your current issue, please open a new thread or, if it's related to your current problem, feel free to post again in this thread

Last question, in which part of the output did you see the problem of apache that did not find offers?