i apologize for asking what is probably an obvious question, but i cannot figure out what i might need to do with the fullchain.pem file.
here is how my apache httpd.conf looks:
SSLCertificateFile /etc/letsencrypt/live/MYDOMAIN.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/MYDOMAIN.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/MYDOMAIN.com/chain.pem
and the results of apachectl configtest ; is fine. the apache server restarts no problem.
yet during a dry-run i see several error messages like this:
certbot renew --dry-run ;
The following simulated renewals failed:
note: i just moved all of these websites from one server to another. i just tar-copied all the /etc/letsencrypt/archive files over. everything looks fine on https://www.sslshopper.com/ssl-checker.html
should i delete the certs from the old server and start over with new & fresh ones?
hopefully my $$$ donation today compensates for questions that have answers that are probably documented somewhere, but i was unable to find it.
checked here too:
EDIT: both of these seem to work just fine according to sslshoppper.com:
SSLCertificateChainFile /etc/letsencrypt/live/MYDOMAIN.com/chain.pem --or-- SSLCertificateChainFile /etc/letsencrypt/live/MYDOMAIN.com/fullchain.pem