My domain is:
oldgamers.team
I ran this command:
DOMAIN=oldgamers.team && ./certbot-auto certonly --manual -d *.$DOMAIN -d $DOMAIN --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/oldgamers.team.conf)
It contains these names: oldgamers.team
You requested these names for the new certificate: *.oldgamers.team,
oldgamers.team.
Do you want to expand and replace this existing certificate with the new
certificate?
(E)xpand/Ā©ancel: E
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for oldgamers.team
dns-01 challenge for oldgamers.team
Please deploy a DNS TXT record under the name
_acme-challenge.oldgamers.team with the following value:
hoXlZvX6OrxL1nbWTODchQVAMDdI9K8pRRLKls6QH2Y
Before continuing, verify the record is deployed.
Press Enter to Continue
Please deploy a DNS TXT record under the name
_acme-challenge.oldgamers.team with the following value:
g77v47G9lFZKoxGdziqUhxKE4cC55PYSfC24aIC0J0M
Before continuing, verify the record is deployed.
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet. Note that you might be
asked to create multiple distinct TXT records with the same name. This is
permitted by DNS standards.)
Press Enter to Continue
Waiting for verificationā¦
Cleaning up challenges
IMPORTANT NOTES:
-
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/oldgamers.team/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/oldgamers.team/privkey.pem
Your cert will expire on 2019-04-25. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew all of your certificates, run
ācertbot-auto renewā -
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Letās Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
My web server is (include version):
Server version: Apache/2.4.25 (Debian)
Server built: 2018-11-03T18:46:19
The operating system my web server runs on is (include version):
Debian 9.7
My hosting provider, if applicable, is:
OVH
I can login to a root shell on my machine (yes or no, or I donāt know):
Yes
Iām using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if youāre using Certbot):
certbot 0.30.2
The problem Iām having:
Chromium is reporting āNot secureā when I go to forum.oldgamers.team. Everything is fine if I go to oldgamers.team. Iām not sure if it makes a difference, but forum.oldgamers.team is a CNAME to oldgamers.team. I simply want to separate it as a VHOST in apache as I want the forum to be separate from the main web page.