VirtualHost asks authorization of the parent domain name?

My domain is: https://v2025.afn-permis-bateau.fr/

I ran this command: dehydrated -c

It produced this output:
Processing v2025.afn-permis-bateau.fr

My web server is (include version):
Apache 2.4.62

The operating system my web server runs on is (include version):
Debian 12

I can login to a root shell on my machine (yes or no, or I don't know): YES

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): NO

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):Dehydrated version: 0.7.0

Ok, so to make it clear..
I'm moving from a server to another one.
the original url is afn-permis-bateau.fr. which points to the old server
I've made another virtualHost v2025.afn-permis-bateau.fr which points to the new server
it was working, but when cron tried to do the renewal of the certificates, it seems that the authorization asks the old server instead of the new one.

In my domains.txt, i've got this line
v2025.afn-permis-bateau.fr
No mention of the "base" url afn-permis-bateau.fr

Why is letsencrypt trying to validate v2025.afn-permis-bateau.fr by asking afn-permis-bateau.fr ?

Because your Apache server redirects HTTP requests to your v2025 domain to your apex domain. See curl example below. You even redirect "home" page requests like that.

You do not redirect HTTPS requests like this. Only HTTP ones. So, check your VirtualHost in Apache for redirects. Or maybe a .htaccess file.

curl -i http://v2025.afn-permis-bateau.fr
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Feb 2025 13:37:37 GMT
Server: Apache/2.4.62 (Debian)
Location: https://afn-permis-bateau.fr/
3 Likes

Yeah, right, sorry for the noise.. Forgot a redirect in my vhost config !

2 Likes