I’ve installed certbot as per the instructions on the certbot site, I’m running CentOS 7 and Apache.
When I try to issue a certificate, it says it has been successfully generated. My browser then shows that it’s a self-signed certificate that has been implemented.
I’ve tried running “sudo certbot --server https://acme-v01.api.letsencrypt.org/directory” and re-issuing the certificate via that, but that also didn’t work. I’ve restarted the server and apache numerous times. I’ve also tried changing the SSLCertificateFile to the fullchain.pem file.
I seem to recall that CentOS generates (and enables) a self-signed certificate when you install mod_ssl. My best guess is that there’s a second configuration file somewhere in /etc/httpd with a SSLCertificateFile directive pointing to that self-signed certificate rather than the real one in /etc/letsencrypt. A quick grep for SSL in /etc/httpd should find the culprit.
Thanks for the response. Yes you were completely correct - /etc/httpd/conf.d/ssl.conf contained a default VirtualHost for 443 connections, within which it used a localhost certificate. I just deleted the entire default VirtualHost and it worked great.
Interesting how Apache doesn’t listen to more specific VirtualHosts instead of this default one though.