I have a domain like https://domain.zone this domain has SSL I am trying to use this certificate for all my subdomains using certbot command but it doesn't work this my command :
certbot -d domain.zone,*.doman.zone,www.domain.zone --expand
this not worked for me, I have too many subdomains and users crate their own subdomains I can't add all subdomains manually, so how to solve this for all new subdomains?
Related
I have my main site "domain.com" and a subdomain "apps.domain.com" (with different directories for each site)
I generated a LE wildcard certificate with cerbot but i cant figure out how to use it...
Im trying to get ssl on the domain and subdomain. (im using debian and apache)
I know im supposed to make a ssl config file for the 443 port then another one for port 80. Also i dont understand why apache doesnt read all configuration files (had to put 000 at the start of the file)
I also have several questions, when certificate is installed will the certbot auto renewals still work ? how do i tell apache to auto redirect to https ?
I have a website for my podcast built with Python / Django that is hosted on Heroku: https://dinpodcast.herokuapp.com/
I have a custom domain parked on GoDaddy, dinpodcast.com, that has a www CNAME directing to my heroku application. This works just fine: https://www.dinpoddcast.com
I wanted dinpodcast.com to redirect to the www website, so I have the following domain forwarding set up on Godaddy:
This also works great, for the most part. Now, when I enter http://dinpodcast.com, or just dinpodcast.com, both will redirect to https://www.dinpodcast.com.
Here's the problem. When I enter the naked domain WITH HTTPS, so when I enter https://dinpodcast.com into a browser's address bar, I get the following response:
Here's what I THINK is happening. My SSL certificate is provided by Heroku under their Automated Certificate Management program. So, I assume that since I don't have an SSL certificate with GoDaddy, it's timing out trying to find one before it can redirect to my www subdomain. Would this be correct? If so, is there any way around this WITHOUT buying an SSL certificate with GoDaddy? If that's not what's happening, then what is and how do I fix it?
When you create an ssl certificate in your domain do you include your root domain? Tried using this tool in your root domain and it seems that there is no ssl certificate. However the subdomain https://dinpodcast.herokuapp.com/ has one. I suggest putting an ssl certificate in all subdomain and root domain that you are using.
I also checked the root domain’s IP address using this tool and checked port 443 using another tool and apparently the port is closed. Double check your firewall and make sure 443 is open.
I've problems creating letsencrypt certs with the certbot.
Because I don't know where the problem is, I will just write everything down which can be the root cause:
I do have a domain and one subdomain. There is a Nginx which redirects the subdomain to the domain on a specific port.
Now I run the certbot for my domain without the subdomain at first.
sudo certbot --nginx -d domain.de -d www.domain.de
This leads to the following error:
Domain: domain.de Type: unauthorized Detail: Invalid
response from
http://domain.de/.well-known/acme-challenge/Y_Ka6V9JlHjBqjqanHLthoVL9F2yju_2TczRPwkBD0s:
"\n\n300 Multiple Choices\n\nMultiple C"
Domain: www.domain.de Type: unauthorized Detail: Invalid
response from
http://www.domain.de/.well-known/acme-challenge/Vf234FTDH7zH5TUBbBwVGfPVLK3m5rllc1s3Cu9KK3I:
"\n\n300 Multiple Choices\n\nMultiple C"
I couldn't find much except this thread. Letsencrypt Community
So I guess it is realted to my DNS Settings. I rent the domain via 1&1 and created a subdomain as well. Because I was playing around with Nginx redirects and the DNS settings, I configured the subdomain to have the same IPv4 & IPv6 as the domain. Could this be the problem or do I have to look somewhere else?
Best regards from Berlin!
I checked the IPv6 address with nslookup and this pointed to somewhere else. I do not understand how this can happen because I never touched the IPv6 (AAAA) record. I guess Certbot is checking A and AAAA and because they did not match the authentication failed.
I deleted the AAAA records for the domain and was able to get a cert without a problem.
I have a domain xyz.com and I have created a Let's Encrypt SSL certificates using Cetbot for xyz.com and www.xyz.com with the following command
sudo certbot --nginx -d xyz.com -d www.xyz.com
Now if I want to add blog.xyz.com, How could I append and not to write all the sub-domains again since say if I have 100 sub-domains it would be right to list all the 100 sub-domains to add a single extra sub-domain.
So the question is:
How could I append to the currently created certificate and not to list all existing sub-domains?
I am using Nginx, Certbot and all hosted on a DigitalOcean droplet.
You can expand an existing Certbot certificate by using the --expand option.
Have a look at the documentation: https://certbot.eff.org/docs/using.html?highlight=expand
Best regards.
*.example.com, example.com, www.example.com - SSL - Issued by Amazon.
SSL installed and setup with ELB. Accessing the domain via example.com and www.example.com works with SSL perfectly. Yet when any sub domain(Subdomain.example.com) is accessed, SSL fails.
Subdomains are generated via a route.php script. Subdomains are dynamic.
Forcing SSl doesn't work. Tried other methods via .htaccess and its failing.
Does ELB work with wildcard SSL ? How do i fix these problem?
Thanks
I found the solution.
Add *.example.com to ElB with A record alias in route 53.