Hi, Been working for a day now to get everything working. The Certbot worksfine for both the www and non www version of my site.
But no matter what i change or update; both Chrome and Edge keep saying that my site is not trusted. I have check for http:// links on my site but there are none.
When i look in the browser for an explanation is just says it is not valid.
One thing i noticed (don’t know if it has anything to do with it); the supplied to gives my servername and not my domainname.
Anybody got an idea how to fix this?
My domain is:
goedkoopstekeuze.nl
I ran this command:
Certbot
My web server is (include version):
Apache
The operating system my web server runs on is (include version):
Cent OS 7
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
That's just a name. Not a full command. Or did you actually just run certbot without any options? If so, it should have asked a lot of questions. It would be helpful if you'd tell us the questions and the answers to those questions. If you actually did run certbotwith options, it would have been very handy if you'd actually tell us the full command.
Also, the question about the output of the command is missing. I guess you deleted it, but why? It would have been very helpful.
By not telling us everything and even removing questions, you're making us guess. And that's very frustrating. Without the required information, we can't help you properly.
I wouldn't recommend this if I were you. He's using Apache, so the apache plugin of certbot would be better if you'd ask me. Manually changing stuff would make things harder I believe. No offence to @goedkoopstekeuze, but I would suggest keeping stuff as simpel as possible.
You’ve selected “2” when you were asked to choose the domains to be included in the certificate. That would only give you a certificate with the www. hostname included. But not the “bare” domain name. The first time, you choose both hostnames, which I would recommend.
Also, because you’ve already requested (and got!) 5 certificates for www.goedkoopstekeuze.nl, you are experiencing one of the rate limits.
I would recommend entering “1” as wel as “2” when asked for the domains (or just press enter to select all the domains). And please tell us the output here.
–
Strangely enough though it isn’t a www or non-www-domain issue, but the self signed certificate which is currently installed. The --apache plugin should have added and/or changed the Apache configuration file to use the Let’s Encrypt certificate.
You might want to check where the reference to the self signed certificate is contained in the Apache configuration file by running grep -Ri SSLCertificateFile /etc/apache/ (assuming that’s the correct directory for Apache in CentOS, perhaps you need to use /etc/apache2/ or something).
I dont really know what i have done now (was working on the Vhost) and all of a sudden it is working
(Dit include the Vhost config changes for 443 inside the httpd.conf and rebooted)
Unfortunately, the certificate is only valid for www.goedkoopstekeuze.nl, not for goedkoopstekeuze.nl. This leads to invalid certificate warnings in Internet Explorer, Opera, Safari and Firefox (I believe Chrome ignores this www-errors).
You should redo some of the steps and install the certificate for both hostnames.
