my domain is:
soltanius.de
I ran this command:
certbot --apache -m myEmail -d soltanius.de
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for soltanius.de
Waiting for verification…
Cleaning up challenges
Could not reverse map the HTTPS VirtualHost to the original
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/soltanius.de/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/soltanius.de/privkey.pem
Your cert will expire on 2020-01-25. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the “certonly” option. To non-interactively renew all of
your certificates, run “certbot renew”
My web server is (include version):
Apache/2.4.29 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 18.04.3 LTS
My hosting provider, if applicable, is:
Strato AG
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): /
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.23.0
First, my english is not the best, but i make an effort. 
I tried to make a SSL certificate for my Website but I got this output and my Website isn´t secured. (tested with Chrome on Windows 10)
My certificate for my cloud (nextcloud) works.
Domain: cloud.soltanius.de
What can I do?
Hi @Soltanius
checking your domain you have created 4 certificates - https://check-your-website.server-daten.de/?q=soltanius.de#ct-logs
| Issuer |
not before |
not after |
Domain names |
LE-Duplicate |
next LE |
| Let's Encrypt Authority X3 |
2019-10-27 |
2020-01-25 |
soltanius.de - 1 entries |
duplicate nr. 4 |
|
| Let's Encrypt Authority X3 |
2019-10-27 |
2020-01-25 |
soltanius.de - 1 entries |
duplicate nr. 3 |
|
| Let's Encrypt Authority X3 |
2019-10-27 |
2020-01-25 |
soltanius.de - 1 entries |
duplicate nr. 2 |
|
| Let's Encrypt Authority X3 |
2019-10-27 |
2020-01-25 |
soltanius.de - 1 entries |
duplicate nr. 1 |
|
| Let's Encrypt Authority X3 |
2019-09-20 |
2019-12-19 |
ts3bot.soltanius.de - 1 entries |
|
|
So that part has worked. Don't create a new certificate, there is a rate limit.
But used is the wrong certificate:
CN=cloud.soltanius.de
17.09.2019
16.12.2019
expires in 50 days cloud.soltanius.de - 1 entry
If you can't install it:
First step: Update your Certbot, 0.23 is very old.
Then: Looks like your configuration is buggy, Certbot doesn't understand it.
What says
apachectl -S
Is there an extra command to update certbot?
I use apt-get upgrade and apt-get install once per week…
apachectl -S:
VirtualHost configuration:
81.169.170.18:443 cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud-le-ssl.conf:2)
81.169.170.18:80 is a NameVirtualHost
default server cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud.conf:1)
port 80 namevhost cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud.conf:1)
alias www.cloud.soltanius.de
port 80 namevhost soltanius.de (/etc/apache2/sites-enabled/soltanius.conf:1)
port 80 namevhost www.soltanius.de (/etc/apache2/sites-enabled/soltanius.conf:17)
port 80 namevhost soltanius.de (/etc/apache2/sites-enabled/soltanius.conf:33)
port 80 namevhost steckbriefe.soltanius.de (/etc/apache2/sites-enabled/steckbriefe.conf:1)
port 80 namevhost www.steckbriefe.soltanius.de (/etc/apache2/sites-enabled/steckbriefe.conf:17)
*:80 h2849908.stratoserver.net (/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33
steckbriefe.soltanius.de is another Website, wich I used as a test for my skill in HTML/CSS
There
you see the problem. Two vHosts with the same port + domain name. So Certbot doesn't know what's the correct vHost.
Should non-www + www have the same content? If yes, merge these three in one port 80 vHost.
With
ServerName soltanius.de
ServerAlias www.soltanius.de
so you have one vHost with both domain names. Remove the other vHosts, then restart your Apache, then again apachectl -S to see, if the output is correct.
So… Now:
VirtualHost configuration:
81.169.170.18:443 cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud-le-ssl.conf:2)
81.169.170.18:80 is a NameVirtualHost
default server cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud.conf:1)
port 80 namevhost cloud.soltanius.de (/etc/apache2/sites-enabled/nextcloud.conf:1)
alias www.cloud.soltanius.de
port 80 namevhost soltanius.de (/etc/apache2/sites-enabled/soltanius.conf:1)
alias www.soltanius.de
port 80 namevhost steckbriefe.soltanius.de (/etc/apache2/sites-enabled/steckbriefe.conf:1)
alias www.steckbrief.soltanius.de
*:80 h2849908.stratoserver.net (/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33
I´ve done the same for my other Sub-Domain.
I used Port 80, should this be the problem?
http use this port and https use 443,or I´m wrong?
That looks good:
Now create one certificate with both domain names.
certbot --apache -d soltanius.de -d www.soltanius.de
So the command has the same list of domain names as one vHost.
Should work with the old Certbot, because now your configuration is better.
Thank u very much!
Now i know how I can do it
Yep, now there is a new certificate with both domain names 
I tried the same with my other Domain…
What mean this output?:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for steckbriefe.soltanius.de
http-01 challenge for www.steckbriefe.soltanius.de
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.steckbriefe.soltanius.de (http-01): urn:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.steckbriefe.soltanius.de
IMPORTANT NOTES:
There is a check of your domain, some minutes old - https://check-your-website.server-daten.de/?q=steckbriefe.soltanius.de
There is no ip address
of the www version. Add one or ignore it (remove the www version in your vHost). It's a subdomain, so a www version isn't required. But you can create one.
Oh… thanks…
I didn´t know, that I have to make a extra subdomain then…
I removed the alias in the vHost and now its works too…
This was ist for the next time 