I have a server with a self signed certificate and as it is causing troubles lately, I decided to see if certbot has any solution for my Ubuntu 14.04
I found that certbot can be installed via snapd, so I've installed snapd and then installed certbot. Then I generated the certs.
The /etc/letsencrypt/ folder was created and the following lines:
SSLCertificateFile /etc/letsencrypt/live/alela.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/alela.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/alela.com/chain.pem
were added to my apache2 config file.
After service apache2 reload, the https://alela.com show the error message:
alela.com uses un unsupported protocol and
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I can see that the same file already had:
ServerName alela.com
SSLEngine On
SSLOptions +StrictRequire
SSLProtocol TLSv1
So I replaced the last line by:
SSLProtocol TLSv1.1 TLSv1.2 TLSv1.3 but no change in the result.
As a consequence of the error message I was wondering if I could update the openssl from the version I have: OpenSSL 1.0.1f 6 Jan 2014
to a newer one in order to have a Certbot's supported protocol
I am stuck here, since I don't know how to upgrade openssl or the upgrade will break the ubuntu.
Any idea how to overcome this problem?
Thank you!!
Alejandro
My domain is: alela.com
I ran this command: https://alela.com on chrome or other browsers
It produced this output: alela.com uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH
My web server is (include version): apache2
The operating system my web server runs on is (include version): Ubuntu 14.04
My hosting provider, if applicable, is: n/a
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): none
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 1.20.0