What I want to achieve. Let’s say I have like 10 domains and most of them are using a CDN network. I configured a brand new VPS and want to be able to renew them with “certbot --auto” which I was doing previously on another server and everything went smooth.
I ran this command: certbot certonly --manual -d mydomainname.com -d www.mydomainname.com --preferred-challenges=“dns”
It produced this output:
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for mydomainname.com
dns-01 challenge for www.mydomainname.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested thiscertificate. If you're running certbot in manual mode on a machine that is notyour server, please ensure you're okay with that.
Are you OK with your IP being logged?
-----------------------
I press Y copy and paste the values to the TXT records and it says “Congratulations!” everything goes smooth here.
Now I know that it uses installer NONE and maybe this is where my problem is but I remember before using Certbot on another server it automatically generated it’s chain.pem output in the le-ssl.conf files in the vhosts. Now I want it to do the same. I don’t know how to force it to put the configuration into my vhosts. My browser says:
Your connection is not private
I manually created the vhosts files but I want the chain to be inside them by default every time I issue a new command with a DNS challange.
I’m using a CDN.
If I try “certbot --auto” and the select just the domain I issued the certificate it gives me this:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
My web server is (include version): Debian 9
I can login to a root shell on my machine: Yes
I’m using a control panel to manage my site:no
The version of my client is certbot --version: 0.28.0 / certbot-auto --version: 1.2.0