How to configure Let's Encrypt Manually?
I use Certbot to install Let's Encrypt certificate. Yet, the my.reviewinnovations.com is NOT secure and seemed that the certificate it load is that for reviewinnovations.com.
I use the following command to get the certificate:
For my.reviewinnovations.com
certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email admin@reviewinnovations.com -d my.reviewinnovations.com
For reviewinnovations.com
certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email admin@reviewinnovations.com -d reviewinnovations.com
Both commands successfully generated the "renewal" of certificate. The problem is that the first one did not work.
I don't know where to start. How can I make this right?
3 Replies
According to an SSL Labs report I ran, the cert for that sub-domain expired on June 18th.
https://www.ssllabs.com/ssltest/analyze.html?d=my.reviewinnovations.com
Usually when I run certbot, it will check for all available domains and subdomains on the server and offer you the option to assign a certificate for all of them.
If that is the case then how can I force the server to use the newly renewed certificate? It looks like Certbot successfully renewed the certificate but failed to assign it to the subdomain. This is not my first time renewing the certificate and it always work seamlessly, except for now. I really don't know where to start, running the certbot certonly again already hit the limit.
And in addition, I have another domain with subdomains on the same server and they all works fine.
@LouWestin I followed your link and there is a certificate under the column Additional Certificates (if supplied) that will expire in 3 months. It is supposed to be the certificate to use, not the expired one.
How can I resolve this?