Did you restart your Apache?
If it doesn’t work, that vHost isn’t used.
Is the site enabled?
Or create wrong entries (other DocumentRoot) to check if that vHost is used.
I have relapsed the service.
according to digicert support the problem is that of letsencryptX3 is a certificate that is missing from the site by port 8080
As written: Your port 443 is correct, sends the intermediate certificate. Your port 8080 doesn't send it.
But if both vHosts use the same server, you must have a local error.
I understand, there will be no way that they could support me with some remote option and thus be able to verify the server
Could you try to check whether there is anywhere else in your configuration that a virtual host is defined for port 8080? Maybe grep -r 8080 on your Apache configuration directory?
similarly search and I do not have another Vh with port 8080, which another theory could be to generate the LetsecryptX3 certificate
There are different applications running.
Checked with a not existing file:
https://speedtest.redeshibridas.com.gt/not-existing-file.html
Not Found
The requested URL /not-existing-file.html was not found on this server.
Apache/2.4.18 (Ubuntu) Server at speedtest.redeshibridas.com.gt Port 443
But checking
https://speedtest.redeshibridas.com.gt:8080/not-existing-file.html
there is an empty page.
There is no header visible.
Looks like there is an application with a special setting.
I do not understand, followed the instructions of the following link
Follow the steps correctly and install the certificate in the following domain
speedtest.redeshibridas.com.gt
it worked for me, now my question is because I do not install this certificate in port 8080 or what I have to do later so that it works for me in that port
What’s running on port 8080?
This isn’t a standard Apache.
it is running at port 8080 the speedtest
that is why I do not understand, if in no instruction does it indicate that a certificate is installed in port 8080
Calling the site direct:
https://speedtest.redeshibridas.com.gt:8080/
There is an
OoklaServer
And there
is a new text how to configure that.
- Edit your OoklaServer.properties file to include the following uncommented lines:
openSSL.server.certificateFile = /home/ookla/cert.pem
openSSL.server.privateKeyFile = /home/ookla/key.pem
Ensure the path for your certificate and key file are correct. This should be a PEM certificate file. Make sure your certificate file includes the full trust chain back to the issuing Certificate Authority.
Restart OoklaServer. You should see "SSL Context Initialized" shortly after launch if your setup worked.
Change these two files, restart your Ookla, then recheck your domain.
is correct, so I have the configuration, and restart the service even with the 2 lines modified and likewise
There you see your error.
You have the cert file included, not the fullchain.
So your Ookla sends only one certificate instead of two.
That file has the wrong content.
This should be a PEM certificate file. Make sure your certificate file includes the full trust chain back to the issuing Certificate Authority.
in the first image that I sent, it indicates that the file CERT.PEM is going, which is the one I have added, then it would not be that if not the fullchain.pem?
I understood that
or I have to add the following file pem
FULLCHAIN.PEM
Yes, you need the full chain.
File names aren't relevant, the content of cert.pem is wrong.
thank you very much for the support, it was already accepted in the test of the ookla and digicert page, thank you very much
2 Likes
Yep, now there are two chain elements ( https://check-your-website.server-daten.de/?q=speedtest.redeshibridas.com.gt%3A8080 ):
| Chain (complete) | 0 | s:CN=speedtest.redeshibridas.com.gt | |
|---|---|---|---|
| 1 | s:CN=Let’s Encrypt Authority X3, O=Let’s Encrypt, C=US |
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.