So strange case

I am trying to make a certificate and when i run the command

sudo certbot --nginx certonly

I choose my website “” but it give an error.

  • The following errors were reported by the server:

    Type: unauthorized
    Detail: Incorrect validation certificate for tls-sni-01 challenge.
    from Received 2 certificate(s), first
    certificate had names “,

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

And when i go to firefox is working with a certicate with expired date 06/04/2018
And when i go to firefox has a expired date 25/02/2018

How its possible? whats happening?

Ah! i checked the folders and i only have a folder with certificate, non with

What should i do? Its good if i delete all the certificates and make a new ones, for each domain?

you need to review what the certonly parameter does

certonly Obtain or renew a certificate, but do not install it


thx for the reply.

all the guides that i read, they use the command certonly

Then i should use “run” instead cenrtonly?

run is the default — you can just use certbot --nginx.

However, you should wait before doing this because there is currently a security issue which has resulted in the disabling of the TLS-SNI-01 method that --nginx uses.

(I’m not sure that the certonly issue was the true underlying reason for the error you saw before, but it’s not possible to do a meaningful test of that while this security issue is ongoing.)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.