Let’s Encrypt: how to fix error Received 2 certificate(s), first certificate had names


You could give this error when renew Let’s Encrypt certificate

1
2
3
4
5
6
7
8
9
10
11
IMPORTANT NOTES:
 - The following errors were reported by the server:
 
   Domain: ws.tutorialspots.xyz
   Type:   unauthorized
   Detail: Incorrect validation certificate for tls-sni-01 challenge.
   Requested
   49dd404dd072a5bd768a61335c5b1337.8d41679c83e3fa32a7fdd48bf4a6d5a8.acme.invali
d
   from 111.111.111.111:443. Received 2 certificate(s), first
   certificate had names "ws.tutorialspots.xyz"

How to fix this error:

Simple, you can use this command:

1
./certbot-auto certonly -d ws.tutorialspots.xyz --manual

Result:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
[root@tutorialspots ~]# ./certbot-auto certonly -d ws.tutorialspots.xyz --manual
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ws.gochat.xyz
 
-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
 
Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: y
 
-------------------------------------------------------------------------------
Create a file containing just this data:
 
YMyGrPdjLaie0P_OCnv4hlCI-t2MBW5Y6SEOjMVknFo.0ltpGUp4YFjKO3JAqFytoi5L8yPwKhy3WwEY
XkvDkSw
 
And make it available on your web server at this URL:
 
6SEOjMVknFo
 
-------------------------------------------------------------------------------
Press Enter to Continue
Waiting for verification...
Cleaning up challenges
 
IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/ws.tutorialspots.xyz/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/ws.tutorialspots.xyz/privkey.pem
   Your cert will expire on 2018-05-02. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:
 
   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Leave a Reply