I am trying to install a certificate on a server running RHEL 7 and Apache 2.4.6. Normally, this server is part of a round-robin DNS rotation and has multiple virtual hostnames. Right now, it is not in the rotation, so I just want to set up the certificate for one hostname. I split /etc/httpd/conf.d/vhosts.conf into multiple files, one per each virtual host. When I ran
certbot --auto
I selected the one hostname when prompted. I was not asked for an email address. I also selected the “Secure” option to forward http to https.
Now, when I go to the https site, I get a warning that the page is not secure, and HTTPS is broken. The error is:
There are issues with the site's certificate chain (net:ERR_CERT_AUTHORITY_INVALID).
When I view the certificate, the certificate is issued by the server’s own hostname, with organization listed as SomeOrganization, and the Oranizational Unit as SomeOrganizationalUnit. In the past, I’ve successfully installed Let’s Encrypt certificates on Apache servers on RHEL 6, and the “issued by” organization was Let’s Encrypt.
When I go to the http site, it does not redirect to the https version.
How do I fix this? I have already tried restarting Apache. I’ve also tried re-running certbot to reinstall the certificate.