Server updates

[rmahlert]

I feel your pain.. I do not miss that from the Atari-users.net server.. and I had 5 virtual servers running on it to update.

[derkom]

I think the problem is

https://example.co.uk/ works

but these do not

https://www.example.co.uk/
www.example.co.uk/

As you have no doubt noticed, your certificate is valid for exxoshost.co.uk, not for www.exxosthost.co.uk.

I've never used getssl (have used certbot quit a bit though), but it looks from the documentation that you need to make sure you include the line 'SANS="www.exxosthost.co.uk"' in the config file if you want to get a cert that will work for the www hostname, not just the base domain name.

Do you have control over your own DNS, at least to the extent that you can add TEXT fields? If so, you could consider getting a wildcard cert from Let's Encrypt. But just getting a cert that covers "www" should be enough, and is probably an easier task.

[exxos]

I've never used getssl (have used certbot quit a bit though), but it looks from the documentation that you need to make sure you include the line 'SANS="www.exxosthost.co.uk"' in the config file if you want to get a cert that will work for the www hostname, not just the base domain name.

Do you have control over your own DNS, at least to the extent that you can add TEXT fields? If so, you could consider getting a wildcard cert from Let's Encrypt. But just getting a cert that covers "www" should be enough, and is probably an easier task.

I tried the HANS option, but it says other domains , it just errors if I put in the same domain name with www.

[exxos]

I've managed to log into github and opened a ticket with getssl , see what they say about it all.

[Badwolf]

Using Let's Encrypt? I've run into permissioning problems in the past although not normally with apache.

Yep..

I think the problem is

https://example.co.uk/ works

but these do not

https://www.example.co.uk/
www.example.co.uk/

Did you request exxoshost.co.uk or www.exxoshost.co.uk originally? I've always made the request with the www. prefix, although this (old) exchange implies you can list multiple: https://stackoverflow.com/questions/410 ... www-domain

But if certbot isn't working, I'd worry about that first. Sounds like a pretty big symptom.

BW

[derkom]

But if certbot isn't working, I'd worry about that first. Sounds like a pretty big symptom.

There's this, too. What broke certbot? I've found it to be a pretty bulletproof solution, and have had it in place on numerous servers for years with nary a problem.

[stephen_usher]

Certbot changed their distribution and install method, which only supports a very small number of "blessed" Linux distributions. They broke it for all other distros and operating systems.

[exxos]

Indeed :( I thought it would still work, just not get updates anymore. Either way, it started chucking out errors.. I didnt see the point in trying to fix it since I'm setting up my new server, I needed something else..

Getsll was the only one i could get working at all. It seemed to work fine. So thought I'd try and fix exxoshost .. Only I'm having problems :( I've only got a few days to fix it else my whole domain will come crashing down.

While I've made a lot of progress on the new server, it took huge efforts to get the forum ported over.. Random stuff was broken, I had to do a fresh install in the end :roll: but still lots to test and setup yet.. No way I can set everything up in under a week. So I need to fix exxoshost certs somehow..

[derkom]

Certbot changed their distribution and install method, which only supports a very small number of "blessed" Linux distributions. They broke it for all other distros and operating systems.

Really? Looking at https://certbot.eff.org/, I see a whole slew of Linux distros supported, including "other Linux" (which unfortunately requires installing snapd, but it's an option at least), as well as FreeBSD, OpenBSD, macOS, and Windows.

@exxos, if you can't get any of this stuff working on your server in time, you can still run certbot in manual mode, which you could do on your Windows machine at home, to get a certificate. It's not a good long term solution, since updates aren't automated, but it would buy you 90 days.

If you find yourself at wit's end, I'm sure there are numerous people on the forum, myself included, who would be willing to work out the problem for you, if you are so inclined.

[exxos]

Getsll has replied and looking into it.. I think he's a bit puzzled as well..

Re: cerbot.. It popped up itself its no longer supported.. But I thought just was because its old Ubuntu setup.. But I read they not doing updates for pretty much anything now.. So don't know what's going on there.