A while ago I installed certificates on a VPS that hosts several apache vhosts.
After receiving a notification that certificates were due to expire, I attempted to renew them.
I use this command:
‘letsencrypt-auto renew’
This returns:
ll renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/[name of vhost]/fullchain.pem (failure)
…
Towards the end of the error output is a a notice concerning a site that I used to host on this server and that I’ve since moved…
MPORTANT NOTES:
-
The following errors were reported by the server:
Domain: [nonexistantsite.com]
Type: unauthorized
Detail: Incorrect validation certificate for TLS-SNI-01 challenge.
Requested
[xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx].acme.invalid
from xx.xxx.xxx.xxx:xxx. Received certificate containing
[nonexistentsite.com]
So my hypothesis is that records concerning this non-existent site are somehow preventing the renewal process to complete.
I’ve removed the apache vhost files and dissabled the site.
What else do I need to do in order to renew certificates for existing sites?