Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: hornick-vt.com
I ran this command: $ sudo certbot certonly --webroot
It produced this output: cert.pem/chain.pem/fullchein.pem/prikex.pem (all aliases with themselfes…)
My web server is (include version): Mac OS Server 5.2
The operating system my web server runs on is (include version): Mac OSX 10.11.6
My hosting provider, if applicable, is: Selfhosted
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): i dont know. installed it 2 days ago
How can i get real certificates?
(upload://wNpQ86UH9XrEde7y1mkV5Qj2ogC.jpeg)
Hi @Andre234
you have three certificates created - https://check-your-website.server-daten.de/?q=hornick-vt.com#ct-logs
Issuer
not before
not after
Domain names
LE-Duplicate
next LE
Let's Encrypt Authority X3
2019-07-06
2019-10-04
hornick-vt.com - 1 entries
duplicate nr. 3
Let's Encrypt Authority X3
2019-07-05
2019-10-03
hornick-vt.com - 1 entries
duplicate nr. 2
Let's Encrypt Authority X3
2019-07-05
2019-10-03
hornick-vt.com - 1 entries
duplicate nr. 1
But your command
doesn't install the certificate, you use certonly.
So install your certificate.
Instead, you use a self signed certificate:
C=DE, CN=hornick-vt.com
28.12.2018
27.12.2020
expires in 539 days
And you have A-records with private ip addresses - 192.168.1.200. Letsencrypt ignores these, but it's wrong.
Hi, and thanks for the note about the privat ip.
i would like to replace the self signed cetificate, but i can not install the new certificate, because the files are only aliases.
I tried it 3 times to get other files
can you send me the files by mail?
These are symlinks. Check your directory structure to find the linked files. I don't use Macs, so it's curious that the symlinks aren't resolved.
???
The files are on your harddisk.
Hi,
i wish they would be there. Thats my Problem
As you can see in the Screenshot, when i doubleclick the file i get the error message. In the Infowindow you can see that the file is
an alias to itself. you can see, that the Path in Terminal is the same were the Aliases (Links) are
Thanks for your help!
Please read the documentation.
These are simple symlinks.
/etc/letsencrypt/archive
and /etc/letsencrypt/keys
contain all previous keys and certificates, while /etc/letsencrypt/live
symlinks to the latest versions.
Check the files in these directories.
/etc/letsencrypt/live/example.com/fullchain.pem
is supposed to be a symlink to ../../archive/example.com/fullchain1.pem
or similar.
If the target is itself, there’s a strange bug, or something strange has happened to your data.
1 Like
Thanks so much for your help. I found them in the archive folder like your wrote. Strange, thant the link was wrong.
Have a good day
André
1 Like
system
Closed
August 6, 2019, 5:23pm
9
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.