How to create a second SSL certificate












0















I have a Let's encrypt certificate up and running for testweb.com on my home ubuntu server. In fact I created this testweb.com url because I didn't want to mess with my workingweb.com website, which is a squarespace website. At the moment, testweb.com/owncloud is a nextcloud webserver.



My goal is to move away from the testweb.com url and only use the workingweb.com url.



So it will be workingweb.com for squarespace and cloud.workingweb.com for my home nextcloud webserver.



I have create a cloud.workingweb.com website on the same home server but when I connect to it, it uses the testweb.com certificate.



So I tried to create a second let's encrypt certificate




sudo certbot --apache -d cloud.workingweb.com




but it returns...




Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud.workingweb.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. cloud.workingweb.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxx: Timeout during connect (likely firewall problem)



IMPORTANT NOTES:
- The following errors were reported by the server:



Domain: cloud.workingweb.com
Type: connection
Detail: Fetching
http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:



Timeout during connect (likely firewall problem)



To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.




And apart from the fact that I don't know how to create the certificate, I don't see how to use it in my Apache vhosts files.



I guess the certbot problem comes from the fact that I have a redirect from http to https.



Here are my vhosts...



000-default.conf 

<VirtualHost *:80>



    ServerName testweb.com

    ServerAlias www.testweb.com



    ServerAdmin webmaster@localhost

    DocumentRoot /var/www/html





    ErrorLog ${APACHE_LOG_DIR}/error.log

    CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on

RewriteCond %{SERVER_NAME} =testweb.com

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>



000-default-le-ssl.conf 

<IfModule mod_ssl.c>

<VirtualHost *:443>

    ServerName testweb.com

    ServerAlias www.testweb.com



    ServerAdmin webmaster@localhost

    DocumentRoot /var/www/html





    ErrorLog ${APACHE_LOG_DIR}/error.log

    CustomLog ${APACHE_LOG_DIR}/access.log combined





SSLCertificateFile /etc/letsencrypt/live/ testweb.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/ testweb.com/privkey.pem

Include /etc/letsencrypt/options-ssl-apache.conf

</VirtualHost>

</IfModule>



nextcloud.conf 

Alias /nextcloud "/var/www/owncloud/"



<Directory /var/www/owncloud/>

  Options +FollowSymlinks

  AllowOverride All



 <IfModule mod_dav.c>

  Dav off

 </IfModule>



 SetEnv HOME /var/www/owncloud

 SetEnv HTTP_HOME /var/www/owncloud



</Directory>



     <IfModule mod_headers.c>

          Header always set Strict-Transport-Security "max-age=15768000; preload"

     </IfModule>





cloud.workingweb.com.conf 

<VirtualHost *:443>

    ServerAdmin webmaster@localhost

    ServerName cloud. workingweb.com

    DocumentRoot /var/www/cloud.workingweb.com /public_html

    ErrorLog ${APACHE_LOG_DIR}/error.log

    CustomLog ${APACHE_LOG_DIR}/access.log combined



<Directory /var/www/cloud.workingweb.com /public_html/>

AllowOverride All

</Directory>



</VirtualHost>


BTW: I have /owncloud and not /nextcloud in cause I upgraded from a owncloud server to a nextcloud server and never changed the directory structure.



BTW2: Why do we always have to hide our real urls. It seems like a standard on forum...



Thank you so much, you brilliant minds.



:-)






apache2 ssl







share|improve this question



























    0















    I have a Let's encrypt certificate up and running for testweb.com on my home ubuntu server. In fact I created this testweb.com url because I didn't want to mess with my workingweb.com website, which is a squarespace website. At the moment, testweb.com/owncloud is a nextcloud webserver.



    My goal is to move away from the testweb.com url and only use the workingweb.com url.



    So it will be workingweb.com for squarespace and cloud.workingweb.com for my home nextcloud webserver.



    I have create a cloud.workingweb.com website on the same home server but when I connect to it, it uses the testweb.com certificate.



    So I tried to create a second let's encrypt certificate




    sudo certbot --apache -d cloud.workingweb.com




    but it returns...




    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for cloud.workingweb.com
    Waiting for verification...
    Cleaning up challenges
    Failed authorization procedure. cloud.workingweb.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxx: Timeout during connect (likely firewall problem)



    IMPORTANT NOTES:
    - The following errors were reported by the server:



    Domain: cloud.workingweb.com
    Type: connection
    Detail: Fetching
    http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:



    Timeout during connect (likely firewall problem)



    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you're using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.




    And apart from the fact that I don't know how to create the certificate, I don't see how to use it in my Apache vhosts files.



    I guess the certbot problem comes from the fact that I have a redirect from http to https.



    Here are my vhosts...



    000-default.conf 
    
<VirtualHost *:80>
    

    
    ServerName testweb.com
    
    ServerAlias www.testweb.com
    

    
    ServerAdmin webmaster@localhost
    
    DocumentRoot /var/www/html
    

    

    
    ErrorLog ${APACHE_LOG_DIR}/error.log
    
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    
RewriteEngine on
    
RewriteCond %{SERVER_NAME} =testweb.com
    
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
    
</VirtualHost>
    

    
000-default-le-ssl.conf 
    
<IfModule mod_ssl.c>
    
<VirtualHost *:443>
    
    ServerName testweb.com
    
    ServerAlias www.testweb.com
    

    
    ServerAdmin webmaster@localhost
    
    DocumentRoot /var/www/html
    

    

    
    ErrorLog ${APACHE_LOG_DIR}/error.log
    
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    

    

    
SSLCertificateFile /etc/letsencrypt/live/ testweb.com/fullchain.pem
    
SSLCertificateKeyFile /etc/letsencrypt/live/ testweb.com/privkey.pem
    
Include /etc/letsencrypt/options-ssl-apache.conf
    
</VirtualHost>
    
</IfModule>
    

    
nextcloud.conf 
    
Alias /nextcloud "/var/www/owncloud/"
    

    
<Directory /var/www/owncloud/>
    
  Options +FollowSymlinks
    
  AllowOverride All
    

    
 <IfModule mod_dav.c>
    
  Dav off
    
 </IfModule>
    

    
 SetEnv HOME /var/www/owncloud
    
 SetEnv HTTP_HOME /var/www/owncloud
    

    
</Directory>
    

    
     <IfModule mod_headers.c>
    
          Header always set Strict-Transport-Security "max-age=15768000; preload"
    
     </IfModule>
    

    

    
cloud.workingweb.com.conf 
    
<VirtualHost *:443>
    
    ServerAdmin webmaster@localhost
    
    ServerName cloud. workingweb.com
    
    DocumentRoot /var/www/cloud.workingweb.com /public_html
    
    ErrorLog ${APACHE_LOG_DIR}/error.log
    
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    

    
<Directory /var/www/cloud.workingweb.com /public_html/>
    
AllowOverride All
    
</Directory>
    

    
</VirtualHost>


    BTW: I have /owncloud and not /nextcloud in cause I upgraded from a owncloud server to a nextcloud server and never changed the directory structure.



    BTW2: Why do we always have to hide our real urls. It seems like a standard on forum...



    Thank you so much, you brilliant minds.



    :-)






    apache2 ssl







    share|improve this question

























      0












      0








      0








      I have a Let's encrypt certificate up and running for testweb.com on my home ubuntu server. In fact I created this testweb.com url because I didn't want to mess with my workingweb.com website, which is a squarespace website. At the moment, testweb.com/owncloud is a nextcloud webserver.



      My goal is to move away from the testweb.com url and only use the workingweb.com url.



      So it will be workingweb.com for squarespace and cloud.workingweb.com for my home nextcloud webserver.



      I have create a cloud.workingweb.com website on the same home server but when I connect to it, it uses the testweb.com certificate.



      So I tried to create a second let's encrypt certificate




      sudo certbot --apache -d cloud.workingweb.com




      but it returns...




      Saving debug log to /var/log/letsencrypt/letsencrypt.log
      Plugins selected: Authenticator apache, Installer apache
      Obtaining a new certificate
      Performing the following challenges:
      http-01 challenge for cloud.workingweb.com
      Waiting for verification...
      Cleaning up challenges
      Failed authorization procedure. cloud.workingweb.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxx: Timeout during connect (likely firewall problem)



      IMPORTANT NOTES:
      - The following errors were reported by the server:



      Domain: cloud.workingweb.com
      Type: connection
      Detail: Fetching
      http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:



      Timeout during connect (likely firewall problem)



      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address. Additionally, please check that
      your computer has a publicly routable IP address and that no
      firewalls are preventing the server from communicating with the
      client. If you're using the webroot plugin, you should also verify
      that you are serving files from the webroot path you provided.




      And apart from the fact that I don't know how to create the certificate, I don't see how to use it in my Apache vhosts files.



      I guess the certbot problem comes from the fact that I have a redirect from http to https.



      Here are my vhosts...



      000-default.conf 
      
<VirtualHost *:80>
      

      
    ServerName testweb.com
      
    ServerAlias www.testweb.com
      

      
    ServerAdmin webmaster@localhost
      
    DocumentRoot /var/www/html
      

      

      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      
RewriteEngine on
      
RewriteCond %{SERVER_NAME} =testweb.com
      
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
      
</VirtualHost>
      

      
000-default-le-ssl.conf 
      
<IfModule mod_ssl.c>
      
<VirtualHost *:443>
      
    ServerName testweb.com
      
    ServerAlias www.testweb.com
      

      
    ServerAdmin webmaster@localhost
      
    DocumentRoot /var/www/html
      

      

      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      

      

      
SSLCertificateFile /etc/letsencrypt/live/ testweb.com/fullchain.pem
      
SSLCertificateKeyFile /etc/letsencrypt/live/ testweb.com/privkey.pem
      
Include /etc/letsencrypt/options-ssl-apache.conf
      
</VirtualHost>
      
</IfModule>
      

      
nextcloud.conf 
      
Alias /nextcloud "/var/www/owncloud/"
      

      
<Directory /var/www/owncloud/>
      
  Options +FollowSymlinks
      
  AllowOverride All
      

      
 <IfModule mod_dav.c>
      
  Dav off
      
 </IfModule>
      

      
 SetEnv HOME /var/www/owncloud
      
 SetEnv HTTP_HOME /var/www/owncloud
      

      
</Directory>
      

      
     <IfModule mod_headers.c>
      
          Header always set Strict-Transport-Security "max-age=15768000; preload"
      
     </IfModule>
      

      

      
cloud.workingweb.com.conf 
      
<VirtualHost *:443>
      
    ServerAdmin webmaster@localhost
      
    ServerName cloud. workingweb.com
      
    DocumentRoot /var/www/cloud.workingweb.com /public_html
      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      

      
<Directory /var/www/cloud.workingweb.com /public_html/>
      
AllowOverride All
      
</Directory>
      

      
</VirtualHost>


      BTW: I have /owncloud and not /nextcloud in cause I upgraded from a owncloud server to a nextcloud server and never changed the directory structure.



      BTW2: Why do we always have to hide our real urls. It seems like a standard on forum...



      Thank you so much, you brilliant minds.



      :-)






      apache2 ssl







      share|improve this question














      I have a Let's encrypt certificate up and running for testweb.com on my home ubuntu server. In fact I created this testweb.com url because I didn't want to mess with my workingweb.com website, which is a squarespace website. At the moment, testweb.com/owncloud is a nextcloud webserver.



      My goal is to move away from the testweb.com url and only use the workingweb.com url.



      So it will be workingweb.com for squarespace and cloud.workingweb.com for my home nextcloud webserver.



      I have create a cloud.workingweb.com website on the same home server but when I connect to it, it uses the testweb.com certificate.



      So I tried to create a second let's encrypt certificate




      sudo certbot --apache -d cloud.workingweb.com




      but it returns...




      Saving debug log to /var/log/letsencrypt/letsencrypt.log
      Plugins selected: Authenticator apache, Installer apache
      Obtaining a new certificate
      Performing the following challenges:
      http-01 challenge for cloud.workingweb.com
      Waiting for verification...
      Cleaning up challenges
      Failed authorization procedure. cloud.workingweb.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxx: Timeout during connect (likely firewall problem)



      IMPORTANT NOTES:
      - The following errors were reported by the server:



      Domain: cloud.workingweb.com
      Type: connection
      Detail: Fetching
      http://cloud.workingweb.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:



      Timeout during connect (likely firewall problem)



      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address. Additionally, please check that
      your computer has a publicly routable IP address and that no
      firewalls are preventing the server from communicating with the
      client. If you're using the webroot plugin, you should also verify
      that you are serving files from the webroot path you provided.




      And apart from the fact that I don't know how to create the certificate, I don't see how to use it in my Apache vhosts files.



      I guess the certbot problem comes from the fact that I have a redirect from http to https.



      Here are my vhosts...



      000-default.conf 
      
<VirtualHost *:80>
      

      
    ServerName testweb.com
      
    ServerAlias www.testweb.com
      

      
    ServerAdmin webmaster@localhost
      
    DocumentRoot /var/www/html
      

      

      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      
RewriteEngine on
      
RewriteCond %{SERVER_NAME} =testweb.com
      
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
      
</VirtualHost>
      

      
000-default-le-ssl.conf 
      
<IfModule mod_ssl.c>
      
<VirtualHost *:443>
      
    ServerName testweb.com
      
    ServerAlias www.testweb.com
      

      
    ServerAdmin webmaster@localhost
      
    DocumentRoot /var/www/html
      

      

      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      

      

      
SSLCertificateFile /etc/letsencrypt/live/ testweb.com/fullchain.pem
      
SSLCertificateKeyFile /etc/letsencrypt/live/ testweb.com/privkey.pem
      
Include /etc/letsencrypt/options-ssl-apache.conf
      
</VirtualHost>
      
</IfModule>
      

      
nextcloud.conf 
      
Alias /nextcloud "/var/www/owncloud/"
      

      
<Directory /var/www/owncloud/>
      
  Options +FollowSymlinks
      
  AllowOverride All
      

      
 <IfModule mod_dav.c>
      
  Dav off
      
 </IfModule>
      

      
 SetEnv HOME /var/www/owncloud
      
 SetEnv HTTP_HOME /var/www/owncloud
      

      
</Directory>
      

      
     <IfModule mod_headers.c>
      
          Header always set Strict-Transport-Security "max-age=15768000; preload"
      
     </IfModule>
      

      

      
cloud.workingweb.com.conf 
      
<VirtualHost *:443>
      
    ServerAdmin webmaster@localhost
      
    ServerName cloud. workingweb.com
      
    DocumentRoot /var/www/cloud.workingweb.com /public_html
      
    ErrorLog ${APACHE_LOG_DIR}/error.log
      
    CustomLog ${APACHE_LOG_DIR}/access.log combined
      

      
<Directory /var/www/cloud.workingweb.com /public_html/>
      
AllowOverride All
      
</Directory>
      

      
</VirtualHost>


      BTW: I have /owncloud and not /nextcloud in cause I upgraded from a owncloud server to a nextcloud server and never changed the directory structure.



      BTW2: Why do we always have to hide our real urls. It seems like a standard on forum...



      Thank you so much, you brilliant minds.



      :-)






      apache2 ssl




      apache2 ssl






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Dec 26 '18 at 17:10









      EdwinEdwin

      548




      548






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1104701%2fhow-to-create-a-second-ssl-certificate%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Ask Ubuntu!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1104701%2fhow-to-create-a-second-ssl-certificate%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Ellipse (mathématiques)

          Image
          Pour les articles homonymes, voir Ellipse. L'ellipse est le lieu des points dont la somme des distances à deux points fixes, dits foyers, est constante. Section du cône ou projection du cercle. En géométrie, une ellipse est une courbe plane fermée obtenue par l’intersection d’un cône de révolution avec un plan, à condition que celui-ci coupe l'axe de rotation du cône ou du cylindre : c'est une conique d'excentricité strictement comprise entre 0 et 1. On peut également la définir comme le lieu des points dont la somme des distances à deux points fixes, dits foyers, est constante (sa construction par la méthode du jardinier est très simple). Dans la vie courante, l’ellipse est la forme qu'on perçoit en regardant un cercle en perspective, ou la figure formée par l’ombre d'un disque sur une surface plane. On retrouve aussi, en première approximation [ 1 ] , des ellipses dans les trajectoires des corps célestes (planètes, comètes ou satellites arti
          Read more

          Quarter-circle Tiles

          Image
          up vote 0 down vote favorite I have $99$ identical square tiles, each with a quarter-circle drawn on it like this: [asy] size(1.5cm); draw(Arc((2,0),1,90,180),red+1); draw((0,0)--(2,0)--(2,2)--(0,2)--(0,0)); [/asy] When I arrange the tiles in a $9times 11$ rectangular grid, each with a random orientation, what is the expected value of the number of full circles I form? I think this problem has to do with finding the chance any given 2x2 square has a circle, but I can't find it. expected-value share | cite | improve this question asked Nov 20 at 15:03 6minecraftninja 1 2
          Read more

          Mont Emei

          Image
          Mont Emei.mw-parser-output .entete.map{background-image:url("//upload.wikimedia.org/wikipedia/commons/7/7a/Picto_infobox_map.png")} Vue du sommet Wanfo du mont Emei Géographie Altitude 3 099  m , Wanfo Coordonnées 29° 31′ 11″ nord, 103° 19′ 57″ est Administration Pays   Chine Province Sichuan Ville-préfecture Leshan Géolocalisation sur la carte : Sichuan Mont Emei Géolocalisation sur la carte : Chine Mont Emei modifier   Paysage panoramique du mont Emei, incluant le paysage panoramique du grand Bouddha de Leshan *   Patrimoine mondial de l'UNESCO Passerelle en bois sur le versant ouest Pays   Chine Subdivision Sichuan Type Mixte Critères (iv) (vi) (x) Superficie 15 400 ha Numéro d’identification 779 Zone géographique Asie et Pacifique  ** Année d’inscription 1996 (20 e session) * Descriptif officiel UNESCO ** Classification géog
          Read more