Troymacnaughtong.com 2

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: troymacnaughton.com

I ran this command:

It produced this output:

My web server is (include version):
apache 2.4.6
The operating system my web server runs on is (include version): CentOS7

My hosting provider, if applicable, is:GoDaddy

I can login to a root shell on my machine (yes or no, or I don't know):ye

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.14.0

Lost what's going on here still trymacnaughton.com, I moved the dns to godaddy renewed teh cert but still not working in browser. Any ideas? Old thread from December 2020

2 Likes

Is this a typo? I can get to https://troymacnaughton.com/

2 Likes

For what it's worth, welcome back. :slightly_smiling_face:

It looks like something's amiss with your Apache VirtualHosts.

What's the output of sudo apachectl -S ?

2 Likes

Screenshot_2021-05-05_13-39-38
Works for me!

2 Likes

VirtualHost configuration:
*:443 is a NameVirtualHost
default server 0rcan0mic.com (/etc/httpd/conf.d/0rcan0mic.com-le-ssl.conf:2)
port 443 namevhost 0rcan0mic.com (/etc/httpd/conf.d/0rcan0mic.com-le-ssl.conf:2)
alias www.0rcan0mic.com
port 443 namevhost caydenlund.com (/etc/httpd/conf.d/caydenlund.com-le-ssl.conf:2)
alias www.caydenlund.com
port 443 namevhost constantcounselling.com (/etc/httpd/conf.d/constantcounselling.com-le-ssl.conf:2)
alias www.constantcounselling.com
port 443 namevhost couponfreegiveaway.com (/etc/httpd/conf.d/couponfreegiveaway.com-le-ssl.conf:2)
alias www.couponfreegiveaway.com
port 443 namevhost gordaddys.org (/etc/httpd/conf.d/gordaddys.org-le-ssl.conf:2)
alias www.gordaddys.org
port 443 namevhost greatresultsbusinesscoaching.com (/etc/httpd/conf.d/greatresultsbusinesscoaching.com-le-ssl.conf:2)
alias www.greatresultsbusinesscoaching.com
port 443 namevhost hopetonmedia.com (/etc/httpd/conf.d/hopetonmedia.com-le-ssl.conf:2)
alias www.hopetonmedia.com
port 443 namevhost internetpowerhouse.org (/etc/httpd/conf.d/internetpowerhouse.org-le-ssl.conf:2)
alias www.internetpowerhouse.org
port 443 namevhost jessemacdougall.com (/etc/httpd/conf.d/jessemacdougall.com-le-ssl.conf:2)
alias www.jessemacdougall.com
port 443 namevhost jesusjesse.org (/etc/httpd/conf.d/jesusjesse.org-le-ssl.conf:2)
alias www.jesusjesse.org
port 443 namevhost macdougall.ninja (/etc/httpd/conf.d/macdougall.ninja-le-ssl.conf:2)
alias www.macdougall.ninja
port 443 namevhost martial-arts-of-health.com (/etc/httpd/conf.d/martial-arts-of-health.com-le-ssl.conf:2)
alias www.martial-arts-of-health.com
port 443 namevhost mybestfriendsarecats.com (/etc/httpd/conf.d/mybestfriendsarecats.com-le-ssl.conf:2)
alias www.mybestfriendsarecats.com
port 443 namevhost orcaaccounting.com (/etc/httpd/conf.d/orcaaccounting.com-le-ssl.conf:2)
alias www.orcaaccounting.com
port 443 namevhost orcacomputers.com (/etc/httpd/conf.d/orcacomputers.com-le-ssl.conf:2)
alias www.orcacomputers.com
port 443 namevhost orcaemail.com (/etc/httpd/conf.d/orcaemail.com-le-ssl.conf:2)
alias www.orcaemail.com
port 443 namevhost orcahelpdesk.com (/etc/httpd/conf.d/orcahelpdesk.com-le-ssl.conf:2)
alias www.orcahelpdesk.com
port 443 namevhost orcainbox.com (/etc/httpd/conf.d/orcainbox.com-le-ssl.conf:2)
alias www.orcainbox.com
port 443 namevhost orcamartialarts.com (/etc/httpd/conf.d/orcamartialarts.com-le-ssl.conf:2)
alias www.orcamartialarts.com
port 443 namevhost orcanutrition.com (/etc/httpd/conf.d/orcanutrition.com-le-ssl.conf:2)
alias www.orcanutrition.com
port 443 namevhost realtimerevenuetracker.com (/etc/httpd/conf.d/realtimerevenuetracker.com-le-ssl.conf:2)
alias www.realtimerevenuetracker.com
port 443 namevhost orcacomputers.orcainbox (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost thepowerhousemethod.org (/etc/httpd/conf.d/thepowerhousemethod.org-le-ssl.conf:2)
alias www.thepowerhousemethod.org
port 443 namevhost thesuperioreatingsystem.com (/etc/httpd/conf.d/thesuperioreatingsystem.com-le-ssl.conf:2)
alias www.thesuperioreatingsystem.com
port 443 namevhost troymacnaughton.com (/etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf:1)
alias www.troymacnaughton.com
port 443 namevhost womenwhohelpmen.org (/etc/httpd/conf.d/womenwhohelpmen.org-le-ssl.conf:2)
alias www.womenwhohelpmen.org
*:80 is a NameVirtualHost
default server orcacomputers.orcainbox (/etc/httpd/conf.d/00-default.conf:1)
port 80 namevhost orcacomputers.orcainbox (/etc/httpd/conf.d/00-default.conf:1)
port 80 namevhost 0rcan0mic.com (/etc/httpd/conf.d/0rcan0mic.com.conf:1)
alias www.0rcan0mic.com
port 80 namevhost caydenlund.com (/etc/httpd/conf.d/caydenlund.com.conf:1)
alias www.caydenlund.com
port 80 namevhost constantcounselling.com (/etc/httpd/conf.d/constantcounselling.com.conf:1)
alias www.constantcounselling.com
port 80 namevhost couponfreegiveaway.com (/etc/httpd/conf.d/couponfreegiveaway.com.conf:1)
alias www.couponfreegiveaway.com
port 80 namevhost gordaddys.org (/etc/httpd/conf.d/gordaddys.org.conf:1)
alias www.gordaddys.org
port 80 namevhost greatresultsbusinesscoaching.com (/etc/httpd/conf.d/greatresultsbusinesscoaching.com.conf:1)
alias www.greatresultsbusinesscoaching.com
port 80 namevhost hopetonmedia.com (/etc/httpd/conf.d/hopetonmedia.com.conf:1)
alias www.hopetonmedia.com
port 80 namevhost internetpowerhouse.org (/etc/httpd/conf.d/internetpowerhouse.org.conf:1)
alias www.internetpowerhouse.org
port 80 namevhost jessemacdougall.com (/etc/httpd/conf.d/jessemacdougall.com.conf:1)
alias www.jessemacdougall.com
port 80 namevhost jesusjesse.org (/etc/httpd/conf.d/jesusjesse.org.conf:1)
alias www.jesusjesse.org
port 80 namevhost macdougall.ninja (/etc/httpd/conf.d/macdougall.ninja.conf:1)
alias www.macdougall.ninja
port 80 namevhost martial-arts-of-health.com (/etc/httpd/conf.d/martial-arts-of-health.com.conf:1)
alias www.martial-arts-of-health.com
port 80 namevhost mybestfriendsarecats.com (/etc/httpd/conf.d/mybestfriendsarecats.com.conf:1)
alias www.mybestfriendsarecats.com
port 80 namevhost orcaaccounting.com (/etc/httpd/conf.d/orcaaccounting.com.conf:1)
alias www.orcaaccounting.com
port 80 namevhost orcacomputers.com (/etc/httpd/conf.d/orcacomputers.com.conf:1)
alias www.orcacomputers.com
port 80 namevhost orcaemail.com (/etc/httpd/conf.d/orcaemail.com.conf:1)
alias www.orcaemail.com
port 80 namevhost orcahelpdesk.com (/etc/httpd/conf.d/orcahelpdesk.com.conf:1)
alias www.orcahelpdesk.com
port 80 namevhost orcainbox.com (/etc/httpd/conf.d/orcainbox.com.conf:1)
alias www.orcainbox.com
port 80 namevhost orcamartialarts.com (/etc/httpd/conf.d/orcamartialarts.com.conf:1)
alias www.orcamartialarts.com
port 80 namevhost orcanutrition.com (/etc/httpd/conf.d/orcanutrition.com.conf:1)
alias www.orcanutrition.com
port 80 namevhost realtimerevenuetracker.com (/etc/httpd/conf.d/realtimerevenuetracker.com.conf:1)
alias www.realtimerevenuetracker.com
port 80 namevhost thepowerhousemethod.org (/etc/httpd/conf.d/thepowerhousemethod.org.conf:1)
alias www.thepowerhousemethod.org
port 80 namevhost thesuperioreatingsystem.com (/etc/httpd/conf.d/thesuperioreatingsystem.com.conf:1)
alias www.thesuperioreatingsystem.com
port 80 namevhost troymacnaughton.com (/etc/httpd/conf.d/troymacnaughton.com.conf:1)
alias www.troymacnaughton.com
port 80 namevhost womenwhohelpmen.org (/etc/httpd/conf.d/womenwhohelpmen.org.conf:1)
alias www.womenwhohelpmen.org
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: MODPERL2
User: name="apache" id=48
Group: name="apache" id=48

I'm working on all these domains

2 Likes

odd...not for me..both in chrome and firefox.

2 Likes

Let's Debug says you might have a bad redirect (I added might)
Cert name mismatch from Hardenize
But it works from the Pacific Northwest

2 Likes

MultipleIPAddressDiscrepancy

Warning

troymacnaughton.com has multiple IP addresses in its DNS records. While they appear to be accessible on the network, we have detected that they produce differing results when sent an ACME HTTP validation request. This may indicate that some of the IP addresses may unintentionally point to different servers, which would cause validation to fail.

[Address=92.205.28.224,Address Type=IPv4,Server=Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 mod_perl/2.0.11 Perl/v5.16.3,HTTP Status=301,Number of Redirects=10,Final HTTP Status=301] vs [Address=184.69.151.38,Address Type=IPv4,Server=Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 mod_perl/2.0.11 Perl/v5.16.3,HTTP Status=301,Number of Redirects=1,Final HTTP Status=404]

2 Likes

hmm..looks like it's using the smtp ip. should be using the production ip 184.69.151.38
So maybe remove the 92.205.28.224 text? If so, how?

2 Likes

Your VirtualHosts are looking good. There are a couple listed below that I question if you really want them active or not. They're defaultish and likely not accessible from the internet (or maybe anywhere).

port 80 namevhost orcacomputers.orcainbox
(/etc/httpd/conf.d/00-default.conf:1)
port 443 namevhost orcacomputers.orcainbox
(/etc/httpd/conf.d/ssl.conf:56)

The actual problem is the extraneous IP address that @Rip astutely observed. It is just an extra A record for troymacnaughton.com in your DNS at GoDaddy that needs to be deleted. You can see it in the dig screenshot below.

You can see that www.troymacnaughton.com does not have the extraneous A record:

1 Like

I need that A record 92.205.28.224 in there though because that is the smtp ip

thanks for orcacomputers.orcainbox those are for internet traffic on the network I believe. No issues there that I am aware of.

Standing by

2 Likes

I don't think that you want the wrong certificate (and content) to be served for troymacnaughton.com every time the 92.205.28.224 A record is returned to someone's browser though. If you want to use that server as an alternative, you probably want it to have the same configuration (including the certificate) and serve the same content as the primary IP address. If this is intentional, why does www.troymacnaughton.com not have that extra A record?

This is what I see sometimes for troymacnaughton.com:

Were you meaning "intranet" traffic here? Since orcacomputers.orcainbox ends in orcainbox, which isn't a publicly-recognized TLD, rather than orcainbox.com, how do you manage to reach orcacomputers.orcainbox? A hosts file or custom DNS server?

4 Likes

ah! thanks! got that all taken care of and now all certs work! Thanks guys!

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.