Wrong hostname for server now untrusted


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.socialgunclub.com

I ran this command: certbot --apache

It produced this output: seemed to work, but had wrong hostname so was untrusted, changed host name and now it errors with: unable to find a virual host listening on port 80 which is currently needed…

My web server is (include version): Cent OS7 w/ Apache

The operating system my web server runs on is (include version): centos7

My hosting provider, if applicable, is: myself

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


#2

Hi,

Can you please use this command to check if there’s any vHost use port 80 now?
apachectl -S / apache2ctl -S

(That command will print all vHost configs)

Thank you


#3

It’s only showing a virtual director for ssl


#4

For certbot --apache, you need to have an existing virtualhost configured for your specific site hostname and speaking HTTP on port 80. You can’t generally use the default HTTP virtualhost.

This normally means creating a basic HTTP virtualhost in /etc/apache2/sites-enabled following various guides or tutorials or using various site-setup tools. It needs to refer to the specific name(s) that you’ll want the certificate to cover. Again, you shouldn’t just use the default Apache configuration because the virtual hosting setup is an important part of how Certbot understands your site configuration and what names are available to request certificates for.

After this is working, certbot --apache should automatically create a matching HTTPS virtualhost listening on port 443, directly based upon your old HTTP virtualhost configuration, and with a valid certificate.