[solved] Failed authorization procedure for the extension of the certificate with a subdomain


I wanted to extend the SSL certificate to my subdomain. My server is on debian 8.0 (jessie) and I got this error:

Failed authorization procedure. cloud.domain.ltd (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to for TLS-SNI-01 challenge

 - The following errors were reported by the server:

Domain: cloud.domain.ltd
Type:   connection 
Detail: Failed to connect to for TLS-SNI-01 

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.

Here how, I configure my subdomain with apache in the file cloud.subdomain.ltd.conf:

 <Virtual Host *:80>
 ServerAdmin webmaster@cloud.domain.ltd
 ServerName cloud.domain.ltd
 DirectoryIndex index.html index.php
 DocumentRoot /var/www/cloud.domain.ltd/owncloud 
 Alias /owncloud "/var/www/cloud.domain.ltd/owncloud/"
<Directory /var/www/cloud.domain.ltd/owncloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off 
SetEnv HOME /var/cloud.domain.ltd/www/owncloud
SetEnv HTTP_HOME /var/www/cloud.domain.ltd/owncloud
ErrorLog /var/www/cloud.domain.ltd/logs/error.log
CustomLog /var/www/cloud.domain.ltd/logs/access.log combined


Can you tell us what command you ran to try to get the new certificate?


I did # certbot --apache but I noticed that I have a typo in my etc/hosts. I put also the cloud files directly in the subdomain directory (“var/www/cloud.domain.ltd”) and not in an owncloud subfolder. I started certbot again and I could successfuly extend my certificate.
However, I still have a blank page instead of my cloud for the subdomain but that’s not the topic here.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.