After running certbot --apache, I am able to access my site. However, I am given a “Certificate error” page with DLG_FLAGS_INVALID_CA.
https://www.ssllabs.com/ssltest/analyze.html?d=ps4mousetocontroller.com shows “Alternative names: INVALID”
My domain is:
PS4MouseToController.com
I ran this command:
certbot --apache
It produced this output:
Congratulations! You have successfully enabled https://ps4mousetocontroller.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=ps4mousetocontroller.com
My web server is (include version):
Apache Tomcat 9
The operating system my web server runs on is (include version):
CentOS 7
My hosting provider, if applicable, is:
a2hosting
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.34.2
Running apachectl -S:
[root@server bin]# apachectl -S
VirtualHost configuration:
*:443 ps4mousetocontroller.com (/etc/httpd/conf.d/ps4mousetocontroller-le-ssl.conf:2)
*:80 ps4mousetocontroller.com (/etc/httpd/conf.d/ps4mousetocontroller.conf:1)
ServerRoot: “/etc/httpd”
Main DocumentRoot: “/opt/tomcat/webapps/ROOT/”
Main ErrorLog: “/etc/httpd/logs/error_log”
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
PidFile: “/run/httpd/httpd.pid”
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“apache” id=48
Group: name=“apache” id=48
Running certbot certificates:
[root@server bin]# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: ps4mousetocontroller.com
Domains: ps4mousetocontroller.com
Expiry Date: 2019-09-25 19:48:28+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/ps4mousetocontroller.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/ps4mousetocontroller.com/privkey.pem
Running grep -Ri SSLCertificateFile /etc/httpd/:
[root@server bin]# grep -Ri SSLCertificateFile /etc/httpd/
Binary file /etc/httpd/modules/mod_ssl.so matches
/etc/httpd/conf.d/ps4mousetocontroller-le-ssl.conf:SSLCertificateFile /etc/letsencrypt/live/ps4mousetocontroller.com/cert.pem
/etc/httpd/conf.d/ssl.conf.rpmsave:# Point SSLCertificateFile at a PEM encoded certificate. If
/etc/httpd/conf.d/ssl.conf.rpmsave:# the referenced file can be the same as SSLCertificateFile
/etc/httpd/conf.d/ssl.conf.rpmsave:SSLCertificateFile /etc/letsencrypt/live/ps4mousetocontroller.com/cert.pem
/etc/httpd/conf.d/ssl.conf:# Point SSLCertificateFile at a PEM encoded certificate. If
/etc/httpd/conf.d/ssl.conf:SSLCertificateFile /etc/pki/tls/certs/localhost.crt
/etc/httpd/conf.d/ssl.conf:# the referenced file can be the same as SSLCertificateFile