The certificate is only valid for "collabora.asketic.ovh" on all certificates

nmarmon · January 19, 2018, 7:37pm

I do not know why, but for no apparent reason other than having gone to create more certificates in the proxy with nginx, in which two certificates were already working correctly, in the following ones that I have created today I started to bother this error:

I am creating the certificate with the following command:

certbot certonly -d docs.asketic.ovh
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
-------------------------------------------------------------------------------
1: Place files in webroot directory (webroot)
2: Spin up a temporary webserver (standalone)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for docs.asketic.ovh
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0008_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0008_csr-certbot.pem

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
  /etc/letsencrypt/live/docs.asketic.ovh/fullchain.pem. Your cert
  will expire on 2018-04-19. To obtain a new or tweaked version of
  this certificate in the future, simply run certbot again. To
  non-interactively renew *all* of your certificates, run "certbot
  renew"
- If you like Certbot, please consider supporting our work by:

  Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
  Donating to EFF:                    https://eff.org/donate-le

root@nginx:/etc/nginx/sites-available# service nginx start
[ ok ] Starting nginx: nginx.

And I also check that the “docs.asketic.ovh” directory and the certificates inside it have been created in the /etc/letsencrypt. why the certificate is wrongly created?

Regards

jared.m · January 19, 2018, 7:48pm

Certonly will obtain the certificates, but not do anything to actually install them for you. You’ll need to install them manually on your web server. In October and December, I see you’ve issued certificates for the collabora subdomain, and then separate ones for docs, cloud, and redmine more recently. Are these all on the same server? Did you want to have all of these on one certificate?

nmarmon · January 19, 2018, 7:54pm

Today I tried to create the ones for redmine and docs, and everyone, including the cloud, tells me to try to read the collabora one. And I do not know why.

jared.m · January 19, 2018, 8:10pm

Well, because that’s the certificate your server is sending out. Once you made those new certificates today, did you go into your web server config and apply them to the appropriate vhosts/server blocks? (I don’t know which because you didn’t answer the suggested questions to tell us what web server software you’re using.)

nmarmon · February 3, 2018, 11:02am

Hi, I’ve been busy with some other things, sorry for the delay in answer.

I just want to say that I have solved the issue by dropping the certificates and creating them again, so we can give the issue as solved.

Thanks for your help.

Regards

system · March 5, 2018, 11:03am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.