Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Domain is: ptchat.org
I ran this command:
certbot certonly --standalone -d isscloud.ptchat.org -d irc.ptchat.org
It produced this output:
You have an existing certificate that contains a portion of the domains you requested (ref: /usr/local/etc/letsencrypt/renewal/isscloud.ptchat.org.conf) It contains these names: isscloud.ptchat.org You requested these names for the new certificate: isscloud.ptchat.org, irc.ptchat.org. Do you want to expand and replace this existing certificate with the new certificate? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (E)xpand/(C)ancel: E Renewing an existing certificate for isscloud.ptchat.org and irc.ptchat.org Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems: Domain: irc.ptchat.org Type: connection Detail: Fetching https://irc.ptchat.org/.well-known/acme-challenge/iOsLTXam5YZuvzctmqH0CNfOZr75fqqDy0xVDusuITo: Timeout during connect (likely firewall problem) Hint: The Certificate Authority couldn't exterally verify that the standalone plugin completed the required http-01 challenges. Ensure the plugin is configured correctly and that the changes it makes are accessible from the internet. Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version):
irrelevant, not running a webserver
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
So my question is the following, I'm running a server on isscloud.ptchat.org I have a valid cert for this hostname generated with certbot, no issues.
Now what happens is that customers connect using the address irc.ptchat.org that can resolve to any of these addresses:
;; ANSWER SECTION:
irc.ptchat.org. 1780 IN A 184.108.40.206
irc.ptchat.org. 1780 IN A 220.127.116.11
irc.ptchat.org. 1780 IN A 18.104.22.168
irc.ptchat.org. 1780 IN A 22.214.171.124
irc.ptchat.org. 1780 IN A 126.96.36.199
How should I generate/extend this certificate to include irc.ptchat.org?