Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: drills.enorugby.com
I ran this command: certbot --staging
It produced this output:
Congratulations! You have successfully enabled https://drills.enorugby.com
You should test your configuration at:
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 18.04
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): VestaCP
I already have a certificate for enorugby.com & www.enorugby.com. I am trying to add a separate cert for drills.enorugby.com. These all share the same IP address. Certbot seemed to run successfully, but when I run the SSL Labs test, it gives me a name mismatch. It seems to be looking at the other cert (enorugby.com).
Additionally, I have drills.enorugby.com setup as a separate web domain in VestaCP. When I edit the domain and select SSL Support - Lets Encrypt Support and save my changes, I get the following error: Error: Invalid response from http://drills.enorugby.com/.well-known/acme-challenge/julivmVddbxxAjqd2JDWUbaJfWWQpKC65FkMb6NmhBk: \
(Side note, before creating the new cert, I tried adding this subdomain to the existing cert using certbot certonly --cert-name enorugby.com -d enorugby.org,www.enorugby.org,drills.enorugby.com - this did not give me any errors, but it did not seem to update the Apache configuration, and I could not enable SSL Support in Vesta CP. I used that same command to remove drills.enorugby.com from the certificate, and then tried creating this new one. I really don’t care if it is on the same cert or not. I moved to creating a new one, because I was concerned that it would fail too many times in VestaCP, I would hit my rate limit, and I would lose the cert for enorugby.com, which is a public-facing website.)
Appreciate any advice you can give me. Thanks.