SSL Issue - DNS settings

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.poultrypages.com

I ran this command: Certbot installation

It produced this output:

ssl.jpg1600×1200 289 KB

My web server is (include version): Ubuntu

The operating system my web server runs on is (include version): Apache

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Wordpress

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Latest Version

I have uploaded a picture of the error im receiving, appears to be something to do with the DNS settings?

Hi @Gamblegray

that's not a DNS problem, there is an answer. Please share your certbot command you have used (not the installation command, the certificate creation command).

sudo certbot --apache -d example.com -d www.example.com

If that command doesn’t work, your Apache configuration is buggy.

What says

apachectl -S

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1. Set the ‘ServerName’ directive globally to suppress this message
VirtualHost configuration:
*:80 is a NameVirtualHost
default server poultrypages.com (/etc/apache2/sites-enabled/000-default.conf:4)
port 80 namevhost poultrypages.com (/etc/apache2/sites-enabled/000-default.conf:4)
alias www.poultrypages.com
port 80 namevhost poultrypages.com (/etc/apache2/sites-enabled/poultrypages.com.conf:1)
alias www.poultrypages.com
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33

root@PoultryPages:~# sudo certbot --apache -d poultrypages.com -d www.poultrypages.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for poultrypages.com
http-01 challenge for www.poultrypages.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. poultrypages.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.poultrypages.com/.well-known/acme-challenge/ScISPQa1a3fdig-U2lVN_xjsVKxEp9Cj_kWXrhLF7rY [157.230.53.94]: "\n<html lang=“en-GB” class=“no-js”>\n\n\t<meta charset=“UTF-8”>\n\t<meta name=“viewport” content=“width=device-wi”, www.poultrypages.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.poultrypages.com/.well-known/acme-challenge/s-sD1dx37o_Ie2xhD0M3_MOmlQNtaKXG3YgRehN3Dyg [157.230.53.94]: "\n<html lang=“en-GB” class=“no-js”>\n\n\t<meta charset=“UTF-8”>\n\t<meta name=“viewport” content=“width=device-wi”

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: poultrypages.com
  Type: unauthorized
  Detail: Invalid response from
  http://www.poultrypages.com/.well-known/acme-challenge/ScISPQa1a3fdig-U2lVN_xjsVKxEp9Cj_kWXrhLF7rY
  [157.230.53.94]: "\n<html lang=“en-GB”
  class=“no-js”>\n\n\t<meta charset=“UTF-8”>\n\t<meta
  name=“viewport” content=“width=device-wi”

  Domain: www.poultrypages.com
  Type: unauthorized
  Detail: Invalid response from
  http://www.poultrypages.com/.well-known/acme-challenge/s-sD1dx37o_Ie2xhD0M3_MOmlQNtaKXG3YgRehN3Dyg
  [157.230.53.94]: "\n<html lang=“en-GB”
  class=“no-js”>\n\n\t<meta charset=“UTF-8”>\n\t<meta
  name=“viewport” content=“width=device-wi”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

There

you see the problem. You have different definitions with the same port and the same domain name.

Make a backup of these files. Then merge these, so every combination of port and vHost is unique.

Without sounding completely thick, how do you go about merging them?

Compare each row. I don't know which of these overlapping entries is correct. Or delete one complete and see, what happens.

PS: Yes, it's terrible.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.