Certbot certificate has been set up but site cannot be accessed via https

My domain is: vistaman.ftp.sh

I ran this command: certbot --apache --agree-tos

It produced this output: The requested apache plugin does not appear to be installed

My web server is (include version): Apache 2.4

The operating system my web server runs on is (include version): Windows 10 21H2 (19044.1288)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 2.6.0

I'm using UwAmp and freedns.afraid.org if that helps.
When trying to access the site with https on Firefox, I get a "Secure Connection Failed" because "the authenticity of the received data could not be verified".
Also, if accessing the domain on Firefox for the first time, I get a "SEC_ERROR_UNKNOWN_ISSUER".

certbot isn't really made for windows but added as second thought.
if you are using windows try https://certifytheweb.com/ it's free up to 3 certs

4 Likes

What do I do after installing it?

it's gui, and its wizard will guide you through

3 Likes

I have generated a certificate using the app you mentioned, however I get the same error. Do I need to do anything else to make it work?

task- deployment task - add - deploy for apache - fill paths for parameter tab -
@webprofusion is maker of that so he should know better than me

4 Likes

What do I type as the paths? I can't find it.

you'd set some path readable by apache user and change apache config according to it, bilit I have to sleep

3 Likes

Do I change SSLCertificateKeyFile and SSLCertificateFile in apache config?

A Deployment Task is the best way. Certify has excellent docs and community and support forum. We rarely get people asking details of it here because they get their answers about using Certify from those sources.

3 Likes

That didn't help at all. I need specific instructions on how to get apache to use the pem and let me access the site as https.

Apparently if the site is accessed for the first time using https, Firefox gives a code, which is "SEC_ERROR_UNKNOWN_ISSUER".

Well, you might try asking on the Certify forum on how best to use their product.

But, I see your port 443 is blocked probably by a firewall. So, there is more to do than just applying the certs

nmap -p80,443 vistaman.ftp.sh
rDNS record for 83.5.138.102: 83.5.138.102.ipv4.supernova.orange.pl

PORT    STATE    SERVICE
80/tcp  open     http
443/tcp filtered https

3 Likes

Wow, I feel really dumb right now. Why? I forgot to forward the port 443 in my router's settings. I'm new here, should I click the solution button under your post?

1 Like

Sure, I did that for you :)

3 Likes

Hi, I'm not an Apache expert but it looks like the certificate configuration your server is currently using doesn't include the full chain. It just includes your actual certificate and needs to also include the intermediate that Let's Encrypt uses to sign your certificate.

Currently your Apache config will be pointing to the SSL Certificate file exported from Certify The Web (or certbot etc), which currently only includes your actual certificate; instead you need to point it to the "full chain" file.

In Certify you would set the output file path for "full chain" under Task Parameters to the file path you want, then save and run the task again to export the file to that location. You should then restart/reload Apache.

4 Likes
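
A check for the missing-intermediate condition described in the post above, as an added example that is not part of the original thread and not code from Certify The Web or Certbot: it reads the `SSLCertificateFile` directive from a vhost config and counts the PEM certificates in the file it points at. The file paths, the `audit_vhost` and `fake_pem` helpers and the placeholder PEM bodies are constructed for illustration.

```python
import re

# Counts PEM armor blocks only; it does not parse or validate certificates.
CERT_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)
# Matches the two directives of interest; commented-out lines do not match.
DIRECTIVE = re.compile(
    r'^[ \t]*(SSLCertificate(?:File|ChainFile))[ \t]+"?([^"\r\n]+?)"?[ \t]*\r?$',
    re.M | re.I)

def audit_vhost(conf_text, files):
    """Return findings for one vhost. `files` maps a path to its PEM text."""
    found = {name.lower(): path for name, path in DIRECTIVE.findall(conf_text)}
    cert_path = found.get("sslcertificatefile")
    if cert_path is None:
        return ["no SSLCertificateFile directive"]
    findings = []
    n = len(CERT_BLOCK.findall(files.get(cert_path, "")))
    has_chain_directive = "sslcertificatechainfile" in found
    if n == 0:
        findings.append(f"{cert_path}: no certificate found")
    elif n == 1 and not has_chain_directive:
        # Leaf alone: clients that lack the intermediate cannot build a chain.
        findings.append(f"{cert_path}: leaf only, intermediate not served")
    if has_chain_directive:
        findings.append("SSLCertificateChainFile is obsolete since Apache 2.4.8; "
                        "point SSLCertificateFile at the full chain instead")
    return findings

def fake_pem(label):
    # Constructed placeholder body, not a real certificate.
    return f"-----BEGIN CERTIFICATE-----\n{label}\n-----END CERTIFICATE-----\n"

# Constructed sample files and configs (hypothetical paths).
FILES = {
    "C:/certs/cert.pem": fake_pem("LEAF"),
    "C:/certs/fullchain.pem": fake_pem("LEAF") + fake_pem("INTERMEDIATE"),
}
LEAF_ONLY = ('SSLEngine on\n'
             'SSLCertificateFile "C:/certs/cert.pem"\n'
             'SSLCertificateKeyFile "C:/certs/privkey.pem"\n')
FULL_CHAIN = ('SSLEngine on\n'
              'SSLCertificateFile "C:/certs/fullchain.pem"\n'
              'SSLCertificateKeyFile "C:/certs/privkey.pem"\n')

if __name__ == "__main__":
    for name, conf in (("leaf only", LEAF_ONLY), ("full chain", FULL_CHAIN)):
        print(name, "->", audit_vhost(conf, FILES) or "ok")
```

The `FULL_CHAIN` config is the form the post describes: `SSLCertificateFile` pointing at the exported full chain file, followed by an Apache restart or reload.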

Just adding on to webprofusion's good post is that you can check your Apache cert with a site like this one:
https://decoder.link/sslchecker/vistaman.ftp.sh/443

3 Likes

What should I put into the Apache config to point it to that file? I have already exported it.

If that isn't enough information, you could try an Apache forum.

2 Likes

Never mind, I figured it out myself. Turns out I needed to use SSLCertificateChainFile for both the chain.pem and the fullchain.pem