I’m trying to setup my site (www.ifweather.com), which is hosted on a DigitalOcean droplet.
First I started with the certbot walk through: https://certbot.eff.org/#ubuntutrusty-apache
I’m running Ubuntu 14.04 and Apache/2.4.7.
After the first attempt I enabled port 443 on my firewall after I didn’t pass the TLS-SNI-01 challenge.
Then I reran “./path/to/certbot-auto --apache” and got the following output.
Enabled Apache ssl module Error in checking parameter list: AH00526: Syntax error on line 53 of /etc/apache2/sites-enabled/ifweather_front-le-ssl.conf: SSLCertificateFile: file '/etc/apache2/insert_cert_file_path' does not exist or is empty Apache is unable to check whether or not the module is loaded because Apache is misconfigured. IMPORTANT NOTES: - Unable to install the certificate - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/ifweather.com/fullchain.pem. Your cert will expire on 2017-05-02. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot-auto renew"
So far, based on much google searching and forum sleuthing I haven’t made any progress. I’ve installed mod_ssl many times, and rebooted Apache many times, but per the message this appears to be working already.
I do have one bread crumb that I can’t make heads or tails of though. on this forum (https://github.com/certbot/certbot/issues/2584), the last entry by gaddmsk says "Okay, the solution is use only symlinks in sites-enabled. If you have .conf files in folder sites-enabled - you will have that problem."
When I look in my sites-enabled folder, I do see two .conf files that weren’t modified until today when I tried adding entries to them manually. (SSLCertificateFile & SSLCertificateChainFile entries) Should I change them to symlinks?