Floating IP deleted, Lets encrypt SSL not working anymore

August 30, 2016 1.3k views
Let's Encrypt Ubuntu
Defacta
By:
Defacta

All my website with SSL encrytion were working fine. I have deleted my Floating IP as I don't need it, and now I have only one website working with the LE SSL encryption.

So I have relaunch the command :
/opt/letsencrypt/letsencrypt-auto --apache --renew-by-default -d anotherwebsite.com -d www.anotherwebsite.com -d dev.anotherwebsite.com certonly

But the LE SSL encryption still doesn't work for anotherwebsite.com

I don't know what to do. When I try to go to https://anotherwebsite.com it tells me with Firefox Error Code : SSLERRORBADCERTDOMAIN

dev.anotherwebsite.com .com uses an invalid security certificate. The certificate is available only for the domains: mywebsite.com, dev.mywebsite.com, www.mywebsite.com

Indeed my LE SSL encryption is working for mywebsite.com

What can I do ? What do I have to check ?
Thanks for your help.

Log In to Comment
2 Answers
Defacta August 30, 2016

Found !

I had to change the apache config file /etc/apache2/sites-available/anotherwebsite.com-le-ssl.conf:

    <IfModule mod_ssl.c>
    <VirtualHost *:443>

to

    <IfModule mod_ssl.c>
    <VirtualHost XXX.XXX.XXX.XXX:443>

Where XXX.XXX.XXX.XXX is my public ip address.

The question is, why was it working like that before deleting my Digital Ocean Floating IP and by the way, changing my server public IP address ?

Anyway, it's working fine now :D

Reply
jasonsmith11 August 26, 2018

It works fine

https://www.ssllabs.com/ssltest/analyze.html?d=funnfrolic.co.uk&latest

You have a C, that is not good !!! Update your Settings !

SSLProtocol all -SSLv2 -SSLv3

SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

SSLHonorCipherOrder on

Reply
Have another answer? Share your knowledge.

Related Questions