Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: zerokatta.in
I ran this command: certbot & certbot --apache -d www.zerokatta.in -d zerokatta.in
It produced this output:
Before adding www as a record in Route 53 (Command - certbot)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): tech@zerokaata.com
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?
(Y)es/(N)o: Y
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: Y
Account registered.
Which names would you like to activate HTTPS for?
1: zerokatta.in
2: www.zerokatta.in
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for zerokatta.in and www.zerokatta.in
Performing the following challenges:
http-01 challenge for www.zerokatta.in
http-01 challenge for zerokatta.in
Waiting for verification...
Challenge failed for domain www.zerokatta.in
http-01 challenge for www.zerokatta.in
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: www.zerokatta.in
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for www.zerokatta.in -
check that a DNS record exists for this domain; DNS problem:
NXDOMAIN looking up AAAA for www.zerokatta.in - check that a DNS
record exists for this domain
After adding www as a record in Route 53 (Command - certbot)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
1: zerokatta.in
2: www.zerokatta.in
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for zerokatta.in and www.zerokatta.in
Performing the following challenges:
http-01 challenge for www.zerokatta.in
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Redirecting vhost in /etc/httpd/conf.d/zerokatta.in.conf to ssl vhost in /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Congratulations! You have successfully enabled https://zerokatta.in and
https://www.zerokatta.in
Subscribe to the EFF mailing list (email: tech@zerokaata.com).
We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
IMPORTANT NOTES:
-
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/zerokatta.in/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/zerokatta.in/privkey.pem
Your certificate will expire on 2022-08-10. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the "certonly" option. To non-interactively
renew all of your certificates, run "certbot renew" -
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
Tried again with this Command - (certbot --apache -d www.zerokatta.in -d zerokatta.in)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/zerokatta.in.conf)
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for www.zerokatta.in and zerokatta.in
Deploying Certificate to VirtualHost /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/zerokatta.in-le-ssl.conf
Enhancement redirect was already set.
Enhancement redirect was already set.
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
The new certificate covers the following domains: https://www.zerokatta.in and
https://zerokatta.in
IMPORTANT NOTES:
-
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/zerokatta.in/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/zerokatta.in/privkey.pem
Your certificate will expire on 2022-08-10. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the "certonly" option. To non-interactively
renew all of your certificates, run "certbot renew" -
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
My web server is (include version): Server version: Apache/2.4.53 () Server built: Apr 12 2022 12:00:44
The operating system my web server runs on is (include version): Amazon Linux 2
My hosting provider, if applicable, is: AWS EC2
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.11.0
I had ran the following command to install certbot -
amazon-linux-extras install epel -y
yum-config-manager --enable epel*
yum install mod_ssl -y
systemctl restart httpd
yum install certbot-apache -y
certbot
Following is the host file - /etc/httpd/conf.d/zerokatta.in.conf
Before -
<VirtualHost *:80>
ServerName zerokatta.in
ServerAlias www.zerokatta.in
DocumentRoot /var/www/html/
After installing SSL -
<VirtualHost *:80>
ServerName zerokatta.in
ServerAlias www.zerokatta.in
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =zerokatta.in [OR]
RewriteCond %{SERVER_NAME} =www.zerokatta.in
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
My issue is SSL is working fine without www - https://zerokatta.in/ but showing error in www subdomain - https://www.zerokatta.in/
You can check here too -
With www - https://www.whynopadlock.com/results/eba26615-3313-44c6-9365-1561a361b125
Without www - https://www.whynopadlock.com/results/8124cbb8-78a7-4008-8a04-2e04460a021a