I think this i a certificate problem, not an Apache problem, so I hope someone here can help me:
I used wacs.exe on windows to generate the SSL-files. Put them in my Apache config, but when I start Apache, I get the error:
cert and key do not match
My domain is: scoutingtono.nl
I ran this command:
- Run command line as Administrator
- run wacs.exe --force
Within wacs.exe: - M (Creae new certificate (full options)
- 1 (Manual input)
- Enter host names: scoutingtono.nl,www.scoutingtono.nl
- Suggested friendly name ‘[Manual] scoutingtono.nl’:
- 1 ([http-01] Save verification files on (network) path
- Path to root of site: D:\websites\nl\scoutingtono\www
- Copy default Web.config before validation?: y
- 2: RSA key
- 2 PEM encoded files (Apache, nginx, etc.)
- Path to folder where .pem files are stored: C:\Server\certificates\certificaatfiles\nl\scoutingtono\www
-3: No (additional) store steps - 4: No (additional) installation steps
- Do you want to install the certificate?: y
- < Store with PemFiles…>
<Exporting .pem files to C:\Server\certificates\certificaatfiles\nl\scoutingtono\www>
- Do you want to automaically renew this certificate: y
<Path c:\Server\certificates\script>
<Command wacs.exe --renew --baseuri “https://acme-staging-v02.api.letsencrypt.org/”>
<Start at 09:00:00>
<Time limit 02:00:00>
- Do you want to specify the user the task will run as?: n
It produced this output:
In the directory C:\Server\certificates\certificaatfiles\nl\scoutingtono\www, there are now 3 files:
scoutingtono.nl-chain.pem
scoutingtono.nl-crt.pem
scoutingtono.nl-key.pem
My web server is (include version): Apache 2.4.27 as part of Wamp-server
The operating system my web server runs on is (include version): Windows 10
My hosting provider, if applicable, is: Hosting myself (yes, on the computer in the basement)
I can login to a root shell on my machine (yes or no, or I don’t know): I can log in as Administrator
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): WIN-ACME (from www.win-acme.com), 2.1.6.1 (64-bit, pluggable)
Contents of Apache httpd-vhosts.conf:
…
<VirtualHost *:443>
ServerAdmin webmaster@scoutingtono.nlt
ServerName www.scoutingtono.nl
DocumentRoot D:/websites/nl/scoutingtono/www/
RewriteEngine On
Redirect to the correct domain name
RewriteCond %{HTTP_HOST} !^www.scoutingtono.nl$ [NC]
RewriteRule ^/?(.*)$ https://www.scoutingtono.nl/$1 [NE,L,R=301]
SSLEngine on
SSLCertificateFile "C:/Server/certificates/certificaatfiles/nl/scoutingtono/www/scoutingtono.nl-crt.pem"
SSLCertificateKeyFile "C:/Server/certificates/certificaatfiles/nl/scoutingtono/www/scoutingtono.nl-key.pem"
SSLCertificateChainFile "C:/Server/certificates/certificaatfiles/nl/scoutingtono/www/scoutingtono.nl-chain.pem"
# Allow a dot (.) in the temporary directory which is created by win-acme
<Directory "D:/websites/nl/scoutingtono/www/.well_known">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
...
When I start Apache, I get the error message:
Certificate and private key www.scoutingtono.nl:443:0 from C:/Server/certificates/certificaatfiles/nl/scoutingtono/www/scoutingtono.nl-crt.pem and C:/Server/certificates/certificaatfiles/nl/scoutingtono/www/scoutingtono.nl-key.pem do not match
How should I proceed?
Many thanks in advance!