web/mail certificate problems

Okay. I've sent the log in mail to support, and provided additional background and specifics.

Affected app is a LAMP instance. I did a reconfigure just prior to taking log. (In this case, unchecked the box "Enable automatic daily backups".)

I uploaded same log file twice; was unclear how to confirm that the upload successfully completed. I don't feed any feedback; I'll assume upload succeeded.

A point of clarification. Unfortunately, I had the certificates before going to Cloudron because I was trying to do Postfix and Dovecot on my own, which of course proved problematic. The websites were already alive and stable. I dismantled this so that I could let Cloudron take over. I did not add new certificates after install Cloudron.

So now I have mail running, but the websites are now advertising themselves as untrusted. I am not going to send mail to new contacts from the working mail address because they are going to check out the websites and conclude the business entity is a fraud.

Apparently, there is a way to revoke my original certificates. ("certbot revoke --cert-path path-to-old.pem") Would that help, or should Cloudron have already overridden the prior certificates?

I am trying to sustain a system with multiple domains using the LAMP app and also running mail for one of the domains.

Before moving to Cloudron, I had acquired certificates via Let's Encrypt. Now there are different certificates being used by Cloudron on my server. When I access the website by http://www.domain1.com, I now get back this message in one browser:

This Connection Is Not Private
This website may be impersonating "domain1.com" to steal
your personal or financial information. You should go back 
to the previous page.

Another has a similar page, but adds

NET::ERR_CERT_AUTHORITY_INVALID

Clicking on that message shows the following and more:

Subject: cloudron-2018-06-16T20:05:40.732Z
Issuer: cloudron-2018-06-16T20:05:40.732Z
Expires on: Jun 13, 2028
Current date: Jul 10, 2018
PEM encoded chain:
-----BEGIN CERTIFICATE-----
MIIDKzCCAhOgAwIBAgIJAJdNp4k9UOMIMA0GCSqGSIb3DQEBCwUAMCwxKjAoBgNV

For now, I've removed ".htaccess" to eliminate any redirect issues.

I am concerned that there is a conflict between the certificate that I originally obtained for two domains, and the new one obtained automagically by Cloudron, hence the ominous messages. To complicate matters, I now have SMTP+IMAP running, presumably with authentication, and a related if not identical Cloudron certificate; I'd like not to kill that now.

Is there a way I can use either my original or new Cloudron certificate so that I can have both usable mail and websites??

I assume after I get this resolved, I can go back to redirecting bare domain to www.domain or vice versa.

If anyone is suspicious, yes this is related to my earlier query at
https://forum.cloudron.io/topic/1389/hosting-many-domains
and this is why that one is not marked as resolved.

@nebulon This is related somehow to Stripe? Link went to Stripe login page.

@msbt So if I understand correctly, although I have one virtual server, I will need a separate IP address for each domain name.

To all:
Just to recap, I had a multi-site nginx config handling several domain names on the same virtual server, with single IP address. The wrinkle that caused me/us to come to Cloudron was the pain of setting up a secure mail server; I was recommended here by another Cloudron user.

It has been suggested to me as a fallback that I restore the multi-site nginx config, and put the mail server that I need in a separate Cloudron (or on my friend's Cloudron). This sounds like I need:

A       domain1.com             IP1
A       domain2.com             IP1
...
A       domainN.com             IP1
A       www.domain1.com         IP1
A       www.domain2.com         IP1
...
A       www.domainN.com         IP1
A       my.domain1.com          IP2
A       my.domain2.com          IP2
MX      domain1.com             IP2
MX      domain2.com             IP2

Currently, I have 6 domains, mostly with independent content. Only one of these needs mail now, but I anticipate another needing it in a few months.

In fact, can Cloudron handle mail for multiple domain names on a single server?

I now have the LAMP app running on subdomain "www" of "domain1.com". I've added my version of the redirect shown at the bottom of the "Apps" page in the Knowledge Base. That is, in ".htaccess", I have

redirect 301 / https://domain1.com/

I have added the second domain, "domain2.com". So far, I have not found a way to add content for it.

Peering though the web terminal, which drops me into "/app/data", I can go down to "public" and see the content I added for the first website. Is there a way to enable a second path for the second domain?

To make matters stranger, I decided to try "https://www.domain2.com". This took me to the login page for "https://my.domain1.com".

Thanks, adding the domains turned out to be straight-forward.

Enabling a web service is getting me in trouble. I've tried both the LAMP and Surfer apps; if I simply use the registered domain, e.g., "foosite.tld" and I already have A, MX, and other records for that domain, then installation results in app status as "Error" (below domain name ion app icon of Your Apps). Hovering over "Error" shows "DNS record already exists", and clicking on it gives a pop-up:

Error for foosite.tld

The DNS record for this location already exists. Manually remove the DNS record and then click on repair.

[Late update] I'm working through this part.... It seems the solution is use "www" as the subdomain and do something later with .htaccess, although this might not be completely necessary.

I have a lightly used server instance which originally was configured to run Nginx and serve several independent domains. The sites were currently static, but I was going to deploy apps based on Flask or Pyramid (using Python 3). I've taken those down for now to bring up Cloudron with email, which we now have working. (i only needed email for one domain.)

I would like to bring the previous sites back. They originally configured as "sites-enabled" under Ubuntu 16.04. So far as I can tell, Cloudron will only let me deploy one domain name. (At least, this is from looking at the LAMP and Surfer apps in the App Store.) I'm tempted to go modify an nginx.conf file somewhere, but it is not clear how to do this in a Cloudron-compatible way.

To complicate matters, a domain registrar audited my sites and urged me to use HTTPS, which led to registering the domains with Let's Encrypt. (For now, it's one common certificate for all of the domains.)

Is there a straight-forward way to host/restore my many domains, and also get HTTPS enabled for them?