Certificate chain incomplete


Hi there,

Using certbot to generate a certificate for andersonquigley.com, which works great.

However, doing an SSL test on sslabs tells me that the certificate chain is incomplete

I set up the apache vhost with:
SSLCertificateFile /etc/letsencrypt/live/andersonquigley.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/andersonquigley.com/privkey.pem

fullchain contains 2 -----BEGIN/END CERTIFICATE----- certificate blocks.

Any ideas what the problem could be?


It sounds like you are using an old-ish version of Apache httpd.

Combined certificate format (fullchain.pem) support was introduced in Apache 2.4.8.

You’ll probably need to add:

SSLCertificateChainFile /etc/letsencrypt/live/andersonquigley.com/chain.pem

Thanks for the quick response.
That seems to have done it!

Weird, as I’m using apache 2.4.7:

$ apachectl -v
Server version: Apache/2.4.7 (Ubuntu)

$ certbot --version
certbot 0.26.1

1 Like

Ah yes, sorry version number is lower!


1 patch level higher and your version would have worked, haha :slight_smile: .

closed #6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.