Excellent, glad you got things working! Also, I'd like to disagree with something Osiris said:
Personally, I think the purpose of this forum is to help people acquire affinity/knowledge about TLS, HTTPS, and certificates. We get questions from people with all levels of experience, and I try to provide a welcoming environment for everyone. So thank you for your question, @Salient!
Let’s agree to disagree on that subject @jsha Servers run by not-so-competent (not personally meant in this thread, but in a general way) persons are a risk to the internet IMHO. Outdated software, exploitable web-apps et cetera. People who aren’t capable of setting up a secure setup, shouldn’t be doing so. With regard to this forum and Let’s Encrypt, you could argue that those servers will be around anyway, with or without TLS, that’s true.
Another point you might want to keep in mind is that a forum such as this can only be successful, if there are people around who want to help. Who want to invest their (precious?) time. Voluntarily. I’m only speaking for myself of course, but if the level of threads/questions becomes too low, i.e., everyone just wants a fish in stead of learning to fish (i.e.: instant result without ANY effort), there’s a chance those volunteers are fed up with those threads and will leave I have had the thought “My god, please, do try to investigate/learn/Google/Wikipedia some yourself first before asking a complete instant fix for your problem here” many times and I won’t invest any time/effort in such a case.
But in the end you guys call the shots of course
(I forked the thread so we can have this interesting conversation without cluttering up the original thread)
Yep, it totally makes sense that you and other helpful volunteers on the forum don't want to spend time answering questions that are too repetitive or boring. But keep in mind that each person who shows up is a blank slate. If you tell one person "maybe you shouldn't use TLS because you are too inexperienced," that doesn't actually prevent the next inexperienced person from asking a newbie question, because they won't have seen your reply.
What saying that does accomplish is to make the questioner feel discouraged about learning how to configure TLS, so maybe they never become more of an expert. On the other hand, if we educate with kindness, that questioner is more likely to go on to learn more, and help educate others, which in the longer run may lead to more participants and better questions.
dealing with similar issues in day to day job this is the questions I usually ask
A) What are you trying to do
B) What is your understanding of how the process should work
C) What are you observing
This usually leads to one of 3 things -
clarification of documentations or understanding
Pointing people to useful guides (i.e. them up skilling)
doing some testing and troubleshooting to find errors or bad configurations
i genuinely believe that support forums like this work best on the basis of reciprocity. there have been several times that people have decided to go to private CAs because that’s what they were comfortable with
This seems to be one of the hardest things (aside from RTFM, or however it’s more politely phrased) to impress on people asking questions, who seem to think that “it didn’t work” is an adequate description of the problem. It did something. You expected it to do something. When you say “it didn’t work”, the only thing that tells me is that the something it did, and the something you expected it to do, weren’t the same.