The certificate generated by certbot only works for my main domain, and is invalid for subdomains

Saulo-Felipe · January 4, 2024, 3:57am

My domain is: saulofelipe.tech and server.saulofelipe.tech

I ran this command: sudo certbot certificates

It produced this output:

Found the following certs:

Certificate Name: saulofelipe.tech
Serial Number: 3e819a37302466111128ab24cd651c2fc71
Key Type: RSA
Domains: saulofelipe.tech
Expiry Date: 2024-04-03 02:34:32+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/saulofelipe.tech/fullchain.pem
Private Key Path: /etc/letsencrypt/live/saulofelipe.tech/privkey.pem

Certificate Name: server.saulofelipe.tech
Serial Number: 495c726470919bab0119b68dcaf06c2877d
Key Type: RSA
Domains: server.saulofelipe.tech
Expiry Date: 2024-04-03 02:37:36+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/server.saulofelipe.tech/fullchain.pem
Private Key Path: /etc/letsencrypt/live/server.saulofelipe.tech/privkey.pem

My web server is (include version): nginx

The operating system my web server runs on is (include version): ubuntu 22

My hosting provider, if applicable, is: hostinger

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.21.0

I will describe my problem as briefly as possible:

My main domain (saulofelipe.tech) is running a web application through vercel, that is, I have a nameserver of type "A" name "@" pointing to the vercel server and apparently everything works smoothly. However, after generating a certificate for my "server" subdomain it doesn't work, it's as if the certificate was invalid, I've already tried renewing it and the problem persists, if necessary, I can also put the nginx configuration file here, the idea is that this subdomain points to a server that is running on AWS EC2. Every help is welcome.

MikeMcQ · January 4, 2024, 4:01am

Welcome @Saulo-Felipe

What exactly do you mean by "doesnt work". The cert looks fine for both your domains using this SSL Checker (and my own test system)

Saulo-Felipe · January 4, 2024, 4:05am

I mean, this happens:

Saulo-Felipe · January 4, 2024, 4:08am

@MikeMcQ Do you have any idea what could be happening?

MikeMcQ · January 4, 2024, 4:18am

Did you restart your browser? I'm not really sure what is wrong.

On my firefox I get a 403 Forbidden but no trouble with HTTPS part

And, SSL Labs even says it is okay

https://www.ssllabs.com/ssltest/analyze.html?d=server.saulofelipe.tech&hideResults=on

Do you see that "https" error on other devices?

rg305 · January 4, 2024, 4:24am

Is your PC within a network behind either of these IPs?:

Name:    server.saulofelipe.tech
Address: 15.229.109.76

Name:    saulofelipe.tech
Address: 76.76.21.21

Show from PC:
curl -4 ifconfig.io

system · February 3, 2024, 4:25am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Issue with creating certificates for subdomains Help	8	755	May 1, 2020
Certbot fails to create a certificate for the main domain, when subdomain has a certificate Help	5	652	January 26, 2024
My certificate does not match the domain name Help	7	808	August 16, 2019
New Certificate for subdomain on different host Help	3	388	May 13, 2022
Failed authorization procedure - NXDOMAIN looking up A because of subdomains Help	2	1944	October 30, 2018

The certificate generated by certbot only works for my main domain, and is invalid for subdomains

Related topics