Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:jobsforops.com
I ran this command:sudo certbot renew --no-self-upgrade
It produced this output:congratulations all renewals succeeded : /etc/letsencrypt/live/www.jobsforops.com/fullchain.pem(success)
My web server is (include version): httpd
The operating system my web server runs on is (include version):amazon linux2
My hosting provider, if applicable, is:route53
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):certbot 1.11.0
Please describe your situation with more information. For example, what is the exact error message? In what situation? With what software? Et cetera et cetera.
Hi @srikanth welcome to the LE community forum
Is there a reason for using "
Please show the output of:
As far as I know, that option was used by the now discontinued
certbot-auto wrapper script. Probably a left over from that.
@srikanth I think you have mixed up your certs for the apex domain
jobsforops.com and your
See your certificates here: crt.sh | jobsforops.com
The apex domain cert is from Amazon. The www domain from Lets Encrypt.
The cert returned by your jobsforops.com server is the www cert:
openssl s_client -connect jobsforops.com:443 -servername jobsforops.com -trusted_first
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
You might want to combine both names in one LE cert and use that.
please tell me the exact solution
@srikanth I could give more exact advice if you give more info. Please post the results of the nginx -T command I described. Also, show the Certbot command you used to create (not renew) the www.jobsforops.com cert.
@srikanth Sorry, I was mixing up your thread with another that is similar.
sudo nginx -T and post the results. Use three backticks before and after the output to have it nicely formatted. Or, save the output to a file and upload it.
Yes, see the openssl request is for jobsforops.com but the cert returned is for www.jobsforops.com. I now provided the sample nginx command above
sudo nginx -T
nginx:command not found
Yes, very sorry. I was confused again with yours and another. I see you are using Apache. Can you upload your Apache config which defines your servers?
could you please me give the command
i donot find any apache config fille in /etc
@srikanth I am sorry but I must be away for a while. Perhaps someone else can continue and review the info from my post #5 earlier:
Please show the output of:
sudo apachectl -t -D DUMP_VHOSTS
*:80 is a NameVirtualHost
default server jobsforops.com (/etc/httpd/conf/httpd.conf:44)
port 80 namevhost jobsforops.com (/etc/httpd/conf/httpd.conf:44)
port 80 namevhost jobsforops.com (/etc/httpd/conf.d/vhost.conf:1)
*:443 is a NameVirtualHost
default server ip-172-31-0-199.us-west-2.compute.internal (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost ip-172-31-0-199.us-west-2.compute.internal (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost jobsforops.com (/etc/httpd/conf/httpd-le-ssl.conf:2)
That part looks good.
Please show te output of:
EDIT: name:port conflict found