Trouble configuring https://www for my domain

lukemroz · August 3, 2016, 4:11pm

Hello,

I am following the wordpress deployment instructions for Digital Ocean servers. I followed the instructions on creating certificates here:

I followed the specific instruction here:

./letsencrypt-auto certonly -a webroot --webroot-path=/var/www/html -d comfortglobalhealth.com -d www.comfortglobalhealth.com

But, as you can see, when you visit

https://www.ssllabs.com/ssltest/analyze.html?d=comfortglobalhealth.com

https://comfortglobalhealth.com is trusted
https://wwww.comfortglobalhealth.com is trusted
https://www.comfortglobalhealth.com is not trusted

I don’t understand what mistake I made to where the proper keys were created for wwww but not www.

Thanks,
Luke

My domain is: www.comfortglobalhealth.com

I ran this command: https://www.ssllabs.com/ssltest/analyze.html?d=comfortglobalhealth.com&latest

It produced this output: Alternative names comfortglobalhealth.com wwww.comfortglobalhealth.com

My operating system is (include version): Ubuntu 16.04.1 LTS

My web server is (include version): nginx/1.10.1

My hosting provider, if applicable, is: digitalocean.com

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

pfg · August 3, 2016, 4:18pm

How certain are you that the command you ran didn’t contain a typo (i.e. wwww instead of www)?

Either way, try running this:

./letsencrypt-auto certonly -a webroot --expand --force-renewal --webroot-path=/var/www/html -d comfortglobalhealth.com -d www.comfortglobalhealth.com

--expand will force the client to overwrite the existing certificate, while --force-renewal will force the client to renew the certificate even though it’s not close to expiring yet. If you still see a certificate for wwww after that (don’t forget to restart nginx), we’re looking at a rather weird issue. I’d be curious about the log files from /var/log/letsencrypt if that’s the case.

lukemroz · August 3, 2016, 5:30pm

I’ve resolved the issue, thank you for your help!

I must have made the typing error the first time. At that time, my keys were stored in the comfortglobalhealth.com directory in the Lets Encrypt directory structure.

After regenerating the keys making sure I made no typos, I was pulling my hair out, since I was getting the same error. After following your instructions, I see that the new keys are stored in the www.comfortglobalhealth.com directory (instead of just comfortglobalhealth.com), and had to update my configuration files accordingly.

Thank you!

system · September 2, 2016, 5:30pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.