Hello All,
I have a problem with subdomain. I created SSL Certificate for main website (https://stelmaszyk.dev) and it works fine. After few days, I decided to simplify access to Nextcloud and I decided to create subdomain for it (nc.stelmaszyk.dev). For main website the certificate works fine, I have no issues.
The problem started when I created second host for my subdomain nc.stelmaszyk.dev
In /etc/hosts I added entry 127.0.0.1 nc.localhost
In /etc/apache2/sites-enabled I created port80-only entry for my subdomain where I pointed where nextcloud is installed (/var/www/html/nextcloud).
After that, I ran certbot to create certificate for this subdomain. I chose subdomain from the list and then selected 2. Redirect - Make all requests redirect to secure HTTPS access.
After that I added 443 port entry to nc.stelmaszyk.dev.conf file the same way I added SSL for my main page. After all, I get prompt that server was unable to prove that it belongs to nc.stelmaszyk.dev. Its certificate belongs to stelmaszyk.dev â ERR_CERT_COMMON_NAME_INVALID. What did I do wrong?
My domain is: stelmaszyk.dev | nc.stelmaszyk.dev
I ran this command: certbot
It produced this output:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if youâre confident your site works on HTTPS. You can undo this
change by editing your web serverâs configuration.
Select the appropriate number [1-2] then [enter] (press âcâ to cancel): 2
Failed redirect for nc.stelmaszyk.dev
Unable to set enhancement redirect for nc.stelmaszyk.dev
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
IMPORTANT NOTES:
- We were unable to set up enhancement redirect for your server,
however, we successfully installed your certificate. - Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/nc.stelmaszyk.dev/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/nc.stelmaszyk.dev/privkey.pem
Your cert will expire on 2020-06-05. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the âcertonlyâ option. To non-interactively renew all of
your certificates, run âcertbot renewâ
My web server is (include version): OVH VPS SSD 1
The operating system my web server runs on is (include version): Debian 10 Buster
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I donât know): yes
Iâm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if youâre using Certbot): certbot 0.31.0