Hi there,
Using certbot to generate a certificate for andersonquigley.com , which works great.
However, doing an SSL test on sslabs tells me that the certificate chain is incomplete
https://www.ssllabs.com/ssltest/analyze.html?d=andersonquigley.com
I set up the apache vhost with:
SSLCertificateFile /etc/letsencrypt/live/andersonquigley.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/andersonquigley.com/privkey.pem
fullchain contains 2 -----BEGIN/END CERTIFICATE----- certificate blocks.
Any ideas what the problem could be?
_az
February 20, 2019, 9:29am
2
It sounds like you are using an old-ish version of Apache httpd.
Combined certificate format (fullchain.pem
) support was introduced in Apache 2.4.8.
You’ll probably need to add:
SSLCertificateChainFile /etc/letsencrypt/live/andersonquigley.com/chain.pem
2 Likes
Thanks for the quick response.
That seems to have done it!
Weird, as I’m using apache 2.4.7:
$ apachectl -v
Server version: Apache/2.4.7 (Ubuntu)
$ certbot --version
certbot 0.26.1
1 Like
Ah yes, sorry version number is lower!
_az
February 20, 2019, 9:36am
5
1 patch level higher and your version would have worked, haha .
2 Likes
system
Closed
March 22, 2019, 9:42am
6
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.