Certifiactes come with a permission mask, connection to this is not secure


#1

My domain is:
https://35.154.101.44/

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):
Ubuntu: 16.04

My hosting provider, if applicable, is:
AWS cloud computing

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

apachectl configtest

AH00526: Syntax error on line 34 of /etc/apache2/sites-enabled/000-default-le-ssl.conf:
SSLCertificateFile: file ‘/etc/letsencrypt/live/welldoneindia.co.in/fullchain.pem’ does not exist or is empty
Action ‘configtest’ failed.
The Apache error log may have more information.

Actually the file really exists and not empty

This above URL will ask you to confirm security exception , But the file is really working 000-default-le-ssl.conf


#2

Probably you forgot to run it as root (or with sudo).

Indeed, because your certificate is not valid for an IP address. Let’s Encrypt will only issue certificates for registered domain names. If you visit the website over one of the names that the certificate is valid for (e.g. https://welldoneindia.co.in), then you will see that there is no error.


#3

Does this domain https://welldoneindia.co.in/ works for you ?

@_az


#4

Yes it does, as well as https://www.welldoneindia.co.in/ and https://app.welldoneindia.co.in/


#5

Unfortunately , this does not works for me in private as well @_az, Can you please send me the working screenshot for that


#6

Maybe try re-opening your browser tab, and also checking that you don’t have your domains pointing somewhere else in /etc/hosts.


#7

Yes, I already check the /etc/hosts., but it seems fine, But thanks for your help may be ISP blocked that IP for me

Do you any other option, So I can access the same @_az

Thanks


#8

What’s the actual error message shown by your browser? Take a screenshot of the most detailed part of the error.


#9

Please look for the following attachment


#10

Your computer can’t resolve the domain in DNS.

Perhaps you have a cached NXDOMAIN on your local network’s resolver from before you had setup up the IP address in Route 53.

You’ll just need to wait for your local DNS resolver to update, or flush it, or change DNS resolver to something like 1.1.1.1 temporarily.


#11

Thanks for the info , you are very helpful @_az


closed #12

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.