INGLES
I have two errors in installing to validate my certificate; I detail the installation steps and I will put in bold two errors that they give me, I hope you can guide me.
I am using Zextras Carbonio CE on Ubuntu
Installation:
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --standalone
sudo certbot renew --dry-run
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem
Key is saved at: /etc/letsencrypt/live/mail.softnet.ec/privkey.pem
This certificate expires on 2022-06-26.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
If you like Certbot, please consider supporting our work by:
- Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
- Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
Then I type this:
cp /etc/letsencrypt/live/mail.softnet.ec/privkey.pem /opt/zextras/ssl/carbonio/commercial/commercial.key
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
"/tmp/ISRG-X1.pem: Permission denied"
cat /tmp/ISRG-X1.pem>> /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem
cp /etc/letsencrypt/live/mail.softnet.ec/cert.pem /tmp
cp /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem /tmp
chown zextras:zextras /opt/zextras/ssl/carbonio/commercial/commercial.key
su - zextras -cn 'zmcertmgr verifycrt comm /opt/zextras/ssl/carbonio/commercial/commercial.key /tmp/cert.pem /tmp/fullchain.pem'
" Verifying '/tmp/cert.pem' against '/opt/zextras/ssl/carbonio/commercial/commercial.key'**
Certificate '/tmp/cert.pem' and private key '/opt/zextras/ssl/carbonio/commercial/commercial.key' match.
***** Verifying '/tmp/cert.pem' against '/tmp/fullchain.pem'***
ERROR: Unable to validate certificate chain: C = US, O = Internet Security Research Group, CN = ISRG Root X1
error 2 at 2 depth lookup: unable to get issuer certificate
error /tmp/cert.pem: verification failed"
------<-----<----<---<
ESPAÑOL
Tengo dos errores en instalar validar mi certificado; detallos los pasos de instalacion y pondre en negrita dos errores que me dan, espero me puedan guiar.
Estoy usando Zextras Carbonio CE en Ubuntu
Instalacion:
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --standalone
sudo certbot renew --dry-run
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem
Key is saved at: /etc/letsencrypt/live/mail.softnet.ec/privkey.pem
This certificate expires on 2022-06-26.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
If you like Certbot, please consider supporting our work by:
- Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
- Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
Luego digito esto:
cp /etc/letsencrypt/live/mail.softnet.ec/privkey.pem /opt/zextras/ssl/carbonio/commercial/commercial.key
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
"/tmp/ISRG-X1.pem: Permission denied"
cat /tmp/ISRG-X1.pem>> /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem
cp /etc/letsencrypt/live/mail.softnet.ec/cert.pem /tmp
cp /etc/letsencrypt/live/mail.softnet.ec/fullchain.pem /tmp
chown zextras:zextras /opt/zextras/ssl/carbonio/commercial/commercial.key
su - zextras -cn 'zmcertmgr verifycrt comm /opt/zextras/ssl/carbonio/commercial/commercial.key /tmp/cert.pem /tmp/fullchain.pem'
" Verifying '/tmp/cert.pem' against '/opt/zextras/ssl/carbonio/commercial/commercial.key'**
Certificate '/tmp/cert.pem' and private key '/opt/zextras/ssl/carbonio/commercial/commercial.key' match.
***** Verifying '/tmp/cert.pem' against '/tmp/fullchain.pem'***
ERROR: Unable to validate certificate chain: C = US, O = Internet Security Research Group, CN = ISRG Root X1
error 2 at 2 depth lookup: unable to get issuer certificate
error /tmp/cert.pem: verification failed"