My domain is: facebook-authenticate.ml
I got the certbot certificate succesfully however it still shows as not secure.
I did a scan on www.whynopadlock.com and all is good except it says invalid intermediate, i dont know how to fix this error if this even is this cause of the not secure message I don't really know.
I'm setting up a gophish server as part of a pentesting course I'm taking any help would be much appreciated.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
My domain is: facebook-authenticate.ml
My web server is (include version): ubuntu 22.x
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: linode.com
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): latest
You keep removing questions from the questionnaire. Please don't do that. Something has gone wrong with installing the certificate so I really like to see the Certbot command you've used and its exact output:
I ran this command:
It produced this output:
(Also, Ubuntu is not a webserver software, but a Linux distribution a.k.a. OS.)
oh sorry
I ran this command: sudo certbot certonly --standalone
It produced this output:
certificate issued successfully
certificate is saved at /etc/letsencrpyt ...
basically the successful message dont know how to screenshot it but hope u get the gist.
ITS ALL FIXED NOW, I RERAN THE COMMAND AND ALL IS GOOD
I doubt that. Your webserver is still serving just the end leaf certificate without the intermediate certificate(s). Re-running the Certbot command wouldn't have changed anything. You probably forced a renewal unnecessarily, so you now have two certificates issued: crt.sh | facebook-authenticate.ml The first one was perfectly fine already, so the only thing you've managed is adding extra load on the Let's Encrypt systems unnecessarily.
As you've used the certonly subcommand, you must have installed the certificate manually. When doing so, you probably have used cert.pem instead of fullchain.pem, thus missing the intermediate(s).
Also, I'm curious why you're using the standalone authenticator? That's usually not the best option. Although as you have not specified which webserver you're using I can't make any recommendation.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.