Several sites on one IP can't obtain certs

Previously I had successfully obtained a certificate for one of my sites. Now I have to add certs to another three sites (they are all virtual hosts sharing a single IP with the first site, but each of them has its own DNS records). But I get an error:

Failed authorization procedure. mynewsite.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested f544c91aa78c8e3185d89b0647f460cc.8e9c2579c00173d8f366c31d3ca1d230.acme.invalid from 78.47.232.162:443. Received 2 certificate(s), first certificate had names "myfirstsite.com",

For each of the three sites, with their names at the start and the "first site" names at the end (where "first certificate had names" is).

What should I do? (Ubuntu 14.04, Apache)

What output does grep -Ri virtualhost /etc/apache2/* give? (If not too much text, please paste the full output here.)

OK, so, you have a mixture of <VirtualHost> directives with just an asterisk and some <VirtualHost> directives which specify a port, i.e., the Let’s Encrypt SSL configurations.

I’m assuming all the <VirtualHost *> directives are for non-TLS websites, correct?

If so, I would suggest modifying all the configuration files you found here and changing <VirtualHost *> (or <VirtualHost _default_>, that’s actually internally the same thing) into <VirtualHost *:80>.

And after that try certbot again.

By the way, the files in /etc/apache2/sites-enabled/ are probably just symbolic links to the same files in /etc/apache2/sites-available/, so you’ll only need to edit the files once in either one of the directories. But you should obviously check this to be sure :wink:

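A way to locate the directives the answer above says to change, as an added example that is not part of the original thread: the function lists every `<VirtualHost>` line that has no explicit port number. The function name, the `demo` helper and the sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): report <VirtualHost> directives that
# have no explicit port number, e.g. <VirtualHost *> or <VirtualHost _default_>.

# find_portless_vhosts PATH...
# Prints "file:line: directive" for each match. -L follows the symlinks
# that sites-enabled/ usually contains, so a file may be listed twice.
find_portless_vhosts() {
    find -L "$@" -type f -exec awk '
        tolower($0) ~ /^[ \t]*<virtualhost[ \t]/ {
            spec = $0
            sub(/^[ \t]*<[^ \t]+[ \t]+/, "", spec)  # drop "<VirtualHost "
            sub(/>.*$/, "", spec)                   # drop ">" and the rest
            n = split(spec, addr, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                if (addr[i] == "") continue
                # An address is fine only if it ends in ":<digits>".
                if (addr[i] !~ /:[0-9]+$/) {
                    print FILENAME ":" FNR ": " $0
                    break
                }
            }
        }' {} +
}

# Constructed sample tree so the check can be tried without touching /etc.
demo() {
    local d
    d=$(mktemp -d) || return 1
    printf '<VirtualHost *>\n ServerName myfirstsite.com\n</VirtualHost>\n' > "$d/first.conf"
    printf '<VirtualHost *:80>\n ServerName mynewsite.com\n</VirtualHost>\n' > "$d/new.conf"
    printf '<VirtualHost _default_:443>\n SSLEngine on\n</VirtualHost>\n' > "$d/ssl.conf"
    find_portless_vhosts "$d"
    rm -rf "$d"
}

# With arguments: scan those paths (e.g. /etc/apache2). Without: run the demo.
if [ "$#" -gt 0 ]; then find_portless_vhosts "$@"; else demo; fi
```

Run it again after editing and before retrying certbot; an empty result means every virtual host names its port.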

Thank you, it works now!

