I already installed lets encrypt on ubuntu server for my website using apache2 and I try to used the certificate for my tomcat server but nothing happen, the site can't be reached

ericdel · September 6, 2021, 1:40am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://ppdo.bohol.gov.ph:8443

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

webprofusion · September 6, 2021, 1:46am

What new config did you set in tomcat to enable the use of the certificate?

ericdel · September 6, 2021, 1:53am

Thank you for the response. I add the pem files to the tomcat server.xml

<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="conf/privkey.pem"
                         certificateFile="conf/cert.pem"
                         certificateChainFile="conf/chain.pem"
                         type="RSA" />
        </SSLHostConfig>

webprofusion · September 6, 2021, 2:11am

Thanks, did you restart tomcat and enable port 8443 at the firewall?

From where I am there is no service to connect to (port 8443 is not open to the public or nothing is listening). You can test your servers https response with openssl:

openssl s_client -servername ppdo.bohol.gov.ph -connect ppdo.bohol.gov.ph:8443

ericdel · September 6, 2021, 3:03am

I allow 8443 and then restart the tomcat. My headache was gone. You're the Man. Thank you so much.

webprofusion · September 6, 2021, 3:21am

No problem! Glad you got it working.

system · October 6, 2021, 3:21am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.