Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
My web server is (include version): tomcat-7.0.67
The operating system my web server runs on is (include version): CentOS release 6.5
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0
The site is temporarily unavailable for access
Because the website has not been filed or involved in the release of prohibited
information, it is inaccessible due to violation of the relevant regulations of the
Ministry of Industry and Information Technology and the Ministry of Public Security.
In order to restore the normal access of the website, the webmaster needs
to handle it in time:
1. To complete the ICP filing of the website, please go to the UCloud filing
system for operation.
2. If it involves public security filing, please log on to the national public security organ's
Internet station security management service platform www.beian.gov.cn to operate.
If you have any questions, the administrator can consult UCloud for customer service.
Thank you for your cooperation!
you have to do something.
So Letsencrypt can't validate your domain if your webserver is blocked.
I don’t have installed a certificate yet.
This project uses NodeJs as front-end server, which returned html content with JavaScript as you can see.
So I should create “.well-known/acme-challenge” at webroot of nodeJs, and run “./certbot-auto certonly --webroot” to generate a certificate, then use it in tomcat, is it right ?
btw, I use below command to generate pfx file for tomcat.
openssl pkcs12 -export -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:xxx
And if certificates are renewed automatically, whether I need to rerun openssl command ?
If you want your hook to run only after a successful renewal, use --deploy-hook in a command like this.
certbot renew --deploy-hook /path/to/deploy-hook-script
The certificate file.crt is created successfully, however, my website(https://www.kkcoding.net) still shows Not Secure, do you have any idea about it?
Many thanks.