Setting up new cert on a new server for a domain with another cert

joeker · September 19, 2016, 3:34pm

The domain already has a SSL-EV cert with commodo. I am moving the site/domain to a new server and want to setup a Letsencrypt certificate. When running certbot-auto, I get a DNS verification error because the live site has a different IP address:

Domain: no depositpoker .co .uk
Type: unauthorized
Detail: Incorrect validation certificate for TLS-SNI-01 challenge.
Requested
4ba8ccc1af537091c040611440fe6b1f.d1d864da0a0d47eb01fcec72b1cea7d7.acme.invalid
from 80.85.84.37:443. Received certificate containing
'no deposit poker. co. uk, www.no deposit poker. co. uk'

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain

Obviously I need to set this up before moving the site and domain over. Server is running Ubuntu 14.04 and Apache 2.4.7 and I have root access and access to nameservers.

serverco · September 19, 2016, 6:06pm

To obtain the certificate before you change the DNS you will wither need to use the DNS challenge ( which isnt’ yet supported by certbot - but is by some of the alternate clients - certainly the Bash and Go ones

Alternatively, set it up on the current live server to obtain the certificate, and copy the cert, private key and CA cert over to the new server.

joeker · September 19, 2016, 6:08pm

Thank you, I will try the alternate clients

system · October 19, 2016, 6:09pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.