I have one AWS ec2 server. 2 Route53 domain names. One domain name has successfully installed a Let’s Encrypt certificate. The other domain connects using http by way of a CNAME record to the original domain name. But if I try to access https:// I get an error. I would like the 2nd domain name to share that same certificate if possible. Do Subject Alternative Name (SAN) mechanisms work in this scenario? If so, how do I configure it to work?
What's your domain name? To find errors in your configuration, some information is required:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I tried running certbot and crashed my system. I am trying to spin up a new instance.
urls:
My domain is: englishaccelerant.com (this one was working fine)
Secondary testing domain is: acceleratedenglish.com
Ubuntu 16.04.6
AWS- ec2 Linux Bitnami Moodle instance
Amazon Route 53 DNS
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.4.18 (Ubuntu) Server at englishaccelerant.com Port 80
The non-www entry is missing. But that's simple, add the same CNAME entry. Currently, the non-www doesn't have an IP address, so you can't use http-01 validation with that domain name.
I am not sure how to correct the apache errors. I must have reconfigured apache2 by using certbot. I'm getting this error:
[Thu May 02 01:22:47.839710 2019] [core:warn] [pid 2183] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined
[Thu May 02 01:22:47.839843 2019] [core:warn] [pid 2183] AH00111: Config variable ${APACHE_PID_FILE} is not defined
[Thu May 02 01:22:47.839893 2019] [core:warn] [pid 2183] AH00111: Config variable ${APACHE_RUN_USER} is not defined
[Thu May 02 01:22:47.839954 2019] [core:warn] [pid 2183] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined
[Thu May 02 01:22:47.840012 2019] [core:warn] [pid 2183] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Thu May 02 01:22:47.849465 2019] [core:warn] [pid 2183:tid 140048898852736] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Thu May 02 01:22:47.849687 2019] [core:warn] [pid 2183:tid 140048898852736] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Thu May 02 01:22:47.849758 2019] [core:warn] [pid 2183:tid 140048898852736] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
AH00526: Syntax error on line 74 of /etc/apache2/apache2.conf:
Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}
installs Certbot with its Apache plugin from Ubuntu’s repository. But the package manager doesn’t know about Bitnami’s Apache, so it pulls in Ubuntu’s Apache as a dependency of the plugin. Now you have two Apaches and they are probably interfering with each other.
I’d recommend removing certbot and its dependencies by typing:
sudo apt-get remove --auto-remove certbot
and then either try again with Bitnami’s integrated solution, or if you want to use certbot, download certbot-auto instead and use that.
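The http-01 point raised earlier in this thread (a name with no IP address cannot be validated, and each name that goes into one certificate is validated on its own) as an added Python example; it is not code from any poster or from Certbot. The zone records and the 203.0.113.10 address are constructed stand-ins, and `resolve` and `preflight` are hypothetical helper names.

```python
# Constructed zone data (not real DNS answers): name -> (record type, value).
# 203.0.113.10 is a documentation address standing in for the EC2 instance.
ZONE_BEFORE = {
    "englishaccelerant.com": ("A", "203.0.113.10"),
    "www.acceleratedenglish.com": ("CNAME", "englishaccelerant.com"),
    # acceleratedenglish.com (non-www) has no record at all
}
# Same zone once the non-www name has a record that ends in the server address.
ZONE_AFTER = dict(ZONE_BEFORE, **{"acceleratedenglish.com": ("A", "203.0.113.10")})


def resolve(name, zone, max_hops=8):
    """Follow CNAMEs to an address; return None if the chain dead-ends or loops."""
    seen = set()
    name = name.lower().rstrip(".")
    while name not in seen and len(seen) < max_hops:
        seen.add(name)
        record = zone.get(name)
        if record is None:
            return None
        rtype, value = record
        if rtype in ("A", "AAAA"):
            return value
        name = value.lower().rstrip(".")  # CNAME: continue with the target
    return None


def preflight(names, zone, server_ip):
    """Split requested certificate names into (ready, blocked) for http-01."""
    ready, blocked = [], {}
    for name in names:
        ip = resolve(name, zone)
        if ip is None:
            blocked[name] = "no address record"
        elif ip != server_ip:
            blocked[name] = "points to %s, not this server" % ip
        else:
            ready.append(name)
    return ready, blocked


if __name__ == "__main__":
    wanted = ["englishaccelerant.com", "acceleratedenglish.com",
              "www.acceleratedenglish.com"]
    for label, zone in (("before", ZONE_BEFORE), ("after", ZONE_AFTER)):
        print(label, preflight(wanted, zone, "203.0.113.10"))
```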