Set up SSL for all domain, same IP address, one instance

Keywords: LAMP/MAMP/WAMP - AWS - Technical issue - Secure Connections (SSL/HTTPS)
bnsupport ID: b081e0d2-075c-d862-b8ce-00090e5cf82d
I host my website on Amazon Lightsail. I have 1 instance with the static IP address
I have total 4 domains:,, and
When my certificate for is expired, I renew using sudo /opt/bitnami/bncert-tool and receive the message:

An error occurred revoking certificates with Let’s Encrypt:

2021/05/21 17:35:05 Error while revoking the certificate for domain
acme: error: 403 :: POST :: ::
urn:ietf:params:acme:error:unauthorized :: Certificate is expired

However, the SSL for is working find.
I tried to restore the original bitnami.conf file and httpd.conf file
follow by this topic: One instance, multiple domains, multiple IPs
I also try to Run The Bitnami HTTPS Configuration Tool
However, when I run sudo /opt/bitnami/bncert-tool, the error is still the same.
Can anyone help me to figure out what is wrong with this, please!
Thank you so much!

Hello @tien,

Accessing your site I can see your certificate is expired.

You can revoke a valid certificate using the next guide. However, if the certificate is not valid, you can’t revoke it but you can request a new one

I hope it helps

Thanks for your reply @davidg.
I did it many times but I still receive the same error.

Here is my bitnami-ssl.conf file:

DocumentRoot “/opt/bitnami/apache/htdocs”
SSLEngine on
SSLCertificateFile “/opt/bitnami/apache/conf/bitnami/certs/server.crt”
SSLCertificateKeyFile “/opt/bitnami/apache/conf/bitnami/certs/server.key”

<Directory “/opt/bitnami/apache/htdocs”>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

Error Documents

ErrorDocument 503 /503.html

Hello @tien,

In order to renew your certificates you should follow this guide:

Basically, these are the steps:

  sudo /opt/bitnami/ stop apache
  sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" renew --days 90
  sudo /opt/bitnami/ start apache

There, you can provide all your domains with the --domains=DOMAIN1, --domains=DOMAIN2

The next steps in the documentation explain how to automate the process.

Please try these steps and share a new support tool output if you face issues.

Alternatively, if the certificates where revoke, you could generate them again:


Hi! I did run the command but the website is still Not Secure.
Here is what I got

bitnami@ip-172-26-6-215:~$ sudo /opt/bitnami/ stop apache
Stopped apache
bitnami@ip-172-26-6-215:~$ sudo /opt/bitnami/letsencrypt/lego --tls --email="customerservic" --path="/opt/bitnami/letsencrypt"
 renew --days 90
2021/05/25 15:00:48 [INFO] [] acme: Trying renewal with 2157 hou
rs remaining
2021/05/25 15:00:48 [INFO] [,] a
cme: Obtaining bundled SAN certificate
2021/05/25 15:00:48 [INFO] [] AuthURL: https://acme-v02.api.lets
2021/05/25 15:00:48 [INFO] [] AuthURL: https://acme-v02.api.
2021/05/25 15:00:48 [INFO] [] acme: authorization already valid;
 skipping challenge
2021/05/25 15:00:48 [INFO] [] acme: authorization already va
lid; skipping challenge
2021/05/25 15:00:48 [INFO] [,] a
cme: Validations succeeded; requesting certificates
2021/05/25 15:00:49 [INFO] [] Server responded with a certificat

I also tried 4 steps on the Alternative Approach Document.
At step 3, I run this line

sudo chown root:root /opt/bitnami/apache2/conf/bitnami/certs/server*
sudo chmod 600 /opt/bitnami/apache2/conf/bitnami/certs/server*

I received this

Then I retried sudo /opt/bitnami/bncert-tool, I still get errors:

\Warning: Certificates may not renew automatically, due to a web server 
configuration issue. For more information see:
Press [Enter] to continue:
Some errors occurred

The configuration was applied, but some of the changes could not be applied. 
Find the details below.

The configuration report is shown below.

Failed steps:
* Creating Let's Encrypt certificate: Automatic renewal not working

Hello @tien,

I think the problem is you have updated but not You have to options:

  1. Renew
sudo /opt/bitnami/ stop apache
sudo /opt/bitnami/letsencrypt/lego --tls --email="" --path="/opt/bitnami/letsencrypt" renew --days 90
  1. Change your Apache configuration to point to
SSLCertificateFile "/opt/bitnami/apache/conf/"
SSLCertificateKeyFile "/opt/bitnami/apache/conf/"


Hello @davidg !
It’s working right now! Yay! :heart_eyes:
I already included www when I renew it, restart apache but it didn’t work.
So I decided to Stop the instance and Start it again and it’s work for all the domain and subdomain.
Thanks so much for your help. I appreciate that!

Nice. I’m glad you made it work.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.