I had to reissue a certificate using acme because I had a problem automatically renewing using another method.
I was able to reissue the certificate. And it appears all is well with the new certificate, but the old one expired and now the site is inaccessible. (https://www.hubsocialpub.com/).
Is there a way to tell which certificates were installed by acme? I can see httpd-le-ssl.conf file points to a shortcut which points to certificates in an archive file, but how can I tell if those are the correct certificates? Where does acme typically store the certificates?
Also, I believe it took these lines out of the httpd-le-ssl.conf file…do I need these?
SSLCertificateChainFile “/etc/httpd/ssl/letsencrypt.pem”
SSLCACertificatePath “/etc/httpd/ssl/”
SSLCACertificateFile “/etc/httpd/ssl/letsencrypt.pem”
I believe the new certifcate, created with acme is current based on the following command:
[ec2-user@ip-10-0-1-160 ~]$ sudo /home/ec2-user/.acme.sh/acme.sh --list
Main_Domain KeyLength SAN_Domains Created R enew
hubsocialpub.com “” *.hubsocialpub.com Thu Oct 11 12:26:43 UTC 2018 M on Dec 10 12:26:43 UTC 2018
if this helps - apachectl returns the following:
[ec2-user@ip-10-0-1-160 ~]$ sudo apachectl -S
VirtualHost configuration:
*:80 hubsocialpub.com (/etc/httpd/conf/httpd.conf:43)
*:443 is a NameVirtualHost
default server ip-10-0-1-160.ec2.internal (/etc/httpd/conf.d/ssl.conf:5 6)
port 443 namevhost ip-10-0-1-160.ec2.internal (/etc/httpd/conf.d/ssl.co nf:56)
port 443 namevhost hubsocialpub.com (/etc/httpd/conf/httpd-le-ssl.conf: 2)
alias www.hubsocialpub.com
wild alias *.hubsocialpub.com
ServerRoot: “/etc/httpd”
(everything else is using defaults
Thanks a lot!
Ken