Hi.
Let’s Encrypt certificate renewal issue is back 
How can I fix this?
search for letsencrypt 400, has been handled a lot of times.
Unfortunately, I already maggled all the solutions a few months ago when the error occurred the first time.
Maybe the problem of hestia is the subdomain?
I have no problem with normal domains - other domains have properly renewed certificates.
Lets Encrypt works great on the address wichry-wojny.eu, do I also need a separate certificate on the subdomain socket.wichry-wojny.eu or is one certificate enough?
You a certificate that covers any name that will be accessed over HTTPS, whether it is is own certificate or included in the SAN list of another.
You really need to fixed your broken DNS.
https://dnsviz.net/d/wichry-wojny.eu/servers/
OK.
Fix broken DNS - what should I do?
What did the link I shared tell you?
Well, he didn’t tell me much. I see that I have DNS to my server for the main domain - and for the child zone I do not have it set. But what should I do next?
DNS is set for subdomains.
http://socket.wichry-wojny.eu/.well-known/acme-challenge/04XklpCmEze-afeafwefa
Returns a 404 that should never be possible…
Well, only I didn’t do anything, I don’t know why it returns an error
When I add the LE certificate for the first time, it works, and refreshing the certificate gives an error - and it was the same 3 months ago 
It helped to remove the socket.wichry-wojny.eu subdomain, re-create the socket.wichry-wojny.eu subdomain and re-set the LE certificate ;/ but it’s stupid ;/
The report I shared showed that your authoritative DNS includes 2 hostnames that point to the same IP. At the time I shared the link, neither had the required glue record in the parent zone.
You also have two other authoritative nameservers listed. Are you keeping their data synchronized with the zone running on your Hestia host?
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.