Question

Floating IP deleted, Lets encrypt SSL not working anymore

Posted August 30, 2016 2.4k views
UbuntuLet's Encrypt

All my website with SSL encrytion were working fine. I have deleted my Floating IP as I don’t need it, and now I have only one website working with the LE SSL encryption.

So I have relaunch the command :
/opt/letsencrypt/letsencrypt-auto –apache –renew-by-default -d anotherwebsite.com -d www.anotherwebsite.com -d dev.anotherwebsite.com certonly

But the LE SSL encryption still doesn’t work for anotherwebsite.com

I don’t know what to do. When I try to go to https://anotherwebsite.com it tells me with Firefox Error Code : SSLERRORBADCERTDOMAIN

dev.anotherwebsite.com .com uses an invalid security certificate. The certificate is available only for the domains: mywebsite.com, dev.mywebsite.com, www.mywebsite.com

Indeed my LE SSL encryption is working for mywebsite.com

What can I do ? What do I have to check ?
Thanks for your help.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Found !

I had to change the apache config file /etc/apache2/sites-available/anotherwebsite.com-le-ssl.conf:

    <IfModule mod_ssl.c>
    <VirtualHost *:443>

to

    <IfModule mod_ssl.c>
    <VirtualHost XXX.XXX.XXX.XXX:443>

Where XXX.XXX.XXX.XXX is my public ip address.

The question is, why was it working like that before deleting my Digital Ocean Floating IP and by the way, changing my server public IP address ?

Anyway, it’s working fine now :D

It works fine

https://www.ssllabs.com/ssltest/analyze.html?d=funnfrolic.co.uk&latest

You have a C, that is not good !!! Update your Settings !

SSLProtocol all -SSLv2 -SSLv3

SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

SSLHonorCipherOrder on

Submit an Answer