A+ with all 100%’s on SSL Labs

I’m using CentOS 8 with Apache. According to https://community.letsencrypt.org/t/howto-a-with-all-100-s-on-ssl-labs-test-using-apache2-4-read-warnings/2436, I did below steps:

# openssl dhparam -out /etc/ssl/private/dhparams.pem 4096

Then copy that file:

# cp /etc/ssl/private/dhparams.pem /etc/letsencrypt/archive/mydomain.net/

Then, added below lines into “httpd.conf”:

SSLOpenSSLConfCmd DHParameters "/etc/ssl/private/dhparams.pem"
SSLCertificateFile "/etc/letsencrypt/archive/mydomain.net/dhparams.pem"

After it, I did below command:

# openssl x509 -noout -in /etc/letsencrypt/live/mydomain.net/privkey.pem -pubkey

But I got below error:

unable to load certificate
140563944699712:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE

Why? Which step is wrong?

Thank you.

4 posts were merged into an existing topic: Install Let’s Encrypt SSL Certificate on CentOS 8