I would like to add the wildcard to my domain and it keeps coming up with a name mismatch when I check it.
I can install the root domain with no wildcard without any errors. I then run the command:
sudo /home/ec2-user/certbot-auto --debug --cert-name hubsmp.com --installer apache --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges=dns -w /var/www/html -d hubsmp.com,*.hubsmp.com
and I receive an error:
Deploying Certificate to VirtualHost /etc/httpd/conf.d/ssl.conf
No vhost exists with servername or alias for domain *.hubsmp.com. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
Exiting abnormally:
If I run the certificates command, I receive the following:
-------------------------------------------------------------------------------
Found the following certs:
Certificate Name: hubsmp.com-0001
Domains: hubsmp.com *.hubsmp.com
Expiry Date: 2018-06-14 18:40:20+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/hubsmp.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/hubsmp.com-0001/privkey.pem
-------------------------------------------------------------------------------
In your case, the command should be sudo /home/ec2-user/certbot-auto --debug --cert-name hubsmp.com --installer apache --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges=dns -w /var/www/html -d hubsmp.com -d *.hubsmp.com
When I do that, I get two different TXT challenges for the DNS TXT record. I can get past that, but then it gives me the error:
Deploying Certificate to VirtualHost /etc/httpd/conf.d/ssl.conf
No vhost exists with servername or alias for domain *.hubsmp.com. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
Exiting abnormally:
Is that a different issue?
Just wondering,
Is the certificate issued (just not able to install) or the certificate was not issued at all?
(use certbot-auto certificates to find issued certificates)
This means all certificates you requested are already issued. But certbot just have trouble installing them.
While I don't know why it throwing this issue, you can still install the certificate by yourself.
Thank you
P.S. certbot certificates just list all certs you have requested for the server. It neither request a new certificate nor install/remove any of the certificates.
Is there a way to just delete all the certs, or revoke them and start over? I did that once using the delete command, but not sure it worked if it is still saying I have multiple certs.
You don't have to revoke certificates in order to delete them; you can also delete them without revoking with certbot delete --cert-name (the certificate name).
@bmw, could you opine on this wildcard deployment issue with the Apache installer? I’m not familiar with how the new logic works yet in terms of finding or creating appropriate virtual hosts for the wildcard.
I am getting a name mismatch - and when I run the certificates option I see two certificates (see above)
I did find a virtual host option in my ssl.conf file. RIght now it only has one domain listed, hubsmp.com. Should I simply add *.hubsmp.com?
ServerName hubsmp.com
SSLCertificateFile /etc/letsencrypt/live/hubsmp.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/hubsmp.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf