Certificate self-signed but signed by letsencrypt


#1

Hello,

I wanted to test letsencrypt, but when I tried to do ./certbot-auto --apache --staging, I have only self-signed certificate.

Do you have an idea why its self-signed ? and not signed by letsencrypt ?

Thanks


#2

The staging environment signs certificate using an untrusted certificate. If you’ve finished testing, you should drop the --staging flag to get a certificate that’s trusted by browsers.


#3

I tried without --staging, this is the same thing


#4

What does that mean? Where is the cert? How did you determine it’s self-signed?


#5

Make sure you don’t have any non-Let’s Encrypt-certificates set anywhere in your configuration. Some distributions, like CentOS, generate and configure a self-signed certificate by default, and depending on what your apache configuration looks like, that certificate might be the one apache picks instead of your LE certificate. You can use grep -r "SSLCertificateFile" /etc/httpd/ or grep -r "SSLCertificateFile" /etc/apache2/ to see if any unexpected certificates show up.

If that doesn’t turn up anything, I’d be curious about the exact certificate (and maybe browser error) you’re seeing.


#6

Hi,
It’s works, thanks
Chos


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.