Hello. I recently tried to enable ECDSA ciphers for my server and I proceeded to start the process of getting an EC key for my server. I went to install the certificate following a guide (https://jetmirshatri.com/dual-rsa-and-ecdsa-certificates-for-nginx-on-ubuntu-16-04/) and I adapted it for use in Apache. I followed all the instructions and managed to generate a private key and certificate signing request successfully, but when I go to submit the csr via certbot-auto, it fails with error code 1. It then tells me to upgrade Python PIP. I have already upgraded Python PIP to the latest version (8.1.2) and it still throws that error. Please help.
My domain is: spotlightsrule.gleeze.com
I ran these commands and they completed successfully (i have masked sensitive details):
openssl ecparam -genkey -name secp384r1 > "/etc/letsencrypt/live-ecdsa/spotlightsrule.gleeze.com/privkey-ecdsa.pem"
cd /etc/letsencrypt/live-ecdsa/spotlightsrule.gleeze.com/
sudo openssl req -new -sha256 -key privkey-ecdsa.pem -nodes -out request.csr -outform pem
-US
-*******
-*** ******
-*********
-*********
-spotlightsrule.gleeze.com
-*********@.com
cd ~
I ran this command to get the certificate (sensitive info masked):
./certbot-auto certonly -w /var/www/html/ -d spotlightsrule.gleeze.com --email “*********@.com” --csr “/etc/letsencrypt/live-ecdsa/spotlightsrule/request.csr” --agree-tos
I then got this output (its quite big so I had to host it elsewhere):
https://spotlightsrule.gleeze.com/diagnostics/output/output.txt
My operating system is: Ubuntu 16.10
My web server is: Apache 2.4.23 with OpenSSL 1.1.0b
I use an SSH and SFTP client to login to my server and I have access to root.