I ran this command: sudo certbot --apache and it generated a certificate that gets detected as "self-signed" by firefox and mediawiki, the web-application of that domain.
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 20
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.26.0
As it creates multiple problems, I want to "switch" to a "non-self"-signed certificate.
That is impossible.
It might be that you ran certbot --apache [and that completed normally]
And that your site is still using a "self-signed" cert.
But no "self-signed" certs come from certbot.
So...
There must be a "problem" with your Apache config.
Let's have a look at the output of:
Found the following certs:
Certificate Name: pocketwiki.cau.ninja
Serial Number: 4ef5ea7fd2a01bd5495c567ce79ff121a5c
Key Type: RSA
Domains: pocketwiki.cau.ninja wiki.pseudocode.site
Expiry Date: 2022-07-10 18:31:30+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/pocketwiki.cau.ninja/fullchain.pem
Private Key Path: /etc/letsencrypt/live/pocketwiki.cau.ninja/privkey.pem
apachectl -t -D DUMP_VHOSTS gives:
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443 pocketwiki.cau.ninja (/etc/apache2/sites-enabled/pocketwiki-le-ssl.conf:2)
You can edit your /etc/hosts file and make your pc believe that pocketwiki.cau.ninja is hosted on 127.0.0.1, though. (Instead of querying the public DNS)
I have now changed it, but both the firefox- and editing-error persist. If you want to try it, you can freely edit one character on https://pocketwiki.cau.ninja/index.php/Testpage?veaction=edit and commit it as a "minor change" by clicking "Ă„nderungen speichern" in the top right corner.
Mediawiki describes the occurring error with: "Error contacting the Parsoid/RESTBase server: (curl error: 60) Peer certificate cannot be authenticated with given CA certificates
You may be using a self-signed SSL certificate. Workaround unknown."