The new version installs apparently successfully on the newly imaged server. But there are no certificates for the “virtual” domains and the certificate for the main domain is not accepted by my android mail client, nor by firefox.
In the previous version, I recollect it was possible to force certbot to provision certificates from the system admin, but I can find no way now to do so.
The status report states ‘The domain name does not resolve to this machine: [Not Set] (A), [Not Set] (AAAA).’ but this should not be so since the box should have set up the DNS correctly – exactly as it has been for the last year or more.
I suppose (hope) that the incorrect dns reports will self-correct after some number of hours, but…
Should I try to run certbot from the cli, or would that mess with the automatic provisioning?
what can I do about the main domain certificate being rejected by clients?