i have changed my domain name and i am using another cert provider with aws
when i try to enter server it tells me the old name certificate is there and i
cannot use https

i assume i need to remove the old cert from lets encrypt and i don't know how

My domain is: https://sbdda1.com/

I ran this command:

It produced this output:

My web server is (include version): iis 7

The operating system my web server runs on is (include version): windows 2008 r2 server

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

No, you don't need to remove certs before using a new one. But, your server needs to be configured to use your new cert.

That said, you may be misunderstanding what an AWS ACM cert can do. They are only usable within AWS services like Elastic Load Balancer, CloudFront, and such. They cannot be used from your own servers running in EC2 (for example) because AWS does not expose the private key that matches the leaf (server) cert.

I see that requests to https://sbdda1.com returns a cert for ddvp1.com that was from Let's Encrypt. That sounds like the problem you describe as the cert does not contain the name requested in the URL.

I also see you got a cert from AWS so you must have started to use one of the AWS services that supports their ACM.

If you describe more what you are trying to accomplish we may be able to offer suggestions.

in that case i will need to add a cert for the new domain name sbdda1.com
on a windows server 2008 r2

once this cert is added i will have to determine what to do with the old cert ddvp1.com
since it does not belong on this server anymore

i do not know if i can just leave the old cert on there or whether i have to remove it for the new cert to operate properly

thanks for your help

The certs are just files. When you configure your server to use the new cert files then you can remove the old cert files. Your server will use whatever you configure it to use. There is no outside interference.

To remove them you should use the acme client you set them up with so that any auto-renew is also disabled.

any advice on installing letsencrypt windows 2008 r2?

i did not install the present cert

If you are starting over you might want to look at a popular and easy to use client like https://certifytheweb.com/ Certify The Web.

Or, perhaps posh-acme or another ACME Client Implementations - Let's Encrypt from this list.

Although, Windows 2008 and IIS 7 is very old so I am not sure how well that is supported by anyone.

Extended support for Windows Server 2008 ended over two and a half years ago. It no longer receives any security updates. It is not safe to use that operating system on the internet. That is a much larger problem than configuring a certificate, but not something that can be resolved in this forum.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.