Install on CentOS 7


I put my server into permissive mode and the installer script via
and the site now flags up as insecure…
Any tips? I’ve had a read through Installer for Centos 7? but it does not resolve my issue. I’ve checked open ports and it reports

443/tcp open https



Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

My domain is:

I ran this command: the instructions at

It produced this output: Congratulations! You have successfully enabled and

My web server is (include version): Server version: Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version): Linux 3.10.0-862.3.3.el7.x86_64 #1 SMP Fri Jun 15 04:15:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

My hosting provider, if applicable, is: It is a bare metal server running on an OVH server farm

I can login to a root shell on my machine (yes or no, or I don’t know): it’s the only way I can log on :slight_smile:


Interestingly, the works fine while the doesn’t. I would speculate that your Apache virtual hosts only mention the former, or that you have a _default_ HTTPS virtual host with a self-signed which is taking priority and should be deleted.

so, add to virtual hosts even though it is the primary domain?

Yes, Apache is using the domain name to choose which virtual host to use and therefore which certificate to present. It needs to know that that name refers to the same virtual host as


<VirtualHost *:80>

What needs editing?

I’m guessing I need to add on the ssl port?

You should have a similar -le-ssl.conf file. If it already has the ServerAlias, then that’s OK; in this case you should look for an HTTPS virtual host with _default_ in order to remove it.

I do have that file and it starts:

<VirtualHost *:443>

Try grep -r _default on your Apache configuration directory to look for the _default_ HTTPS virtual host which may need to be removed.

/etc/httpd/conf#grep -r _default

as in nothing. Any other ideas? We are this close I can taste the finishing line!!!



Maybe in /etc/httpd rather than /etc/httpd/conf?

this one?
root@phillw:/etc/httpd#grep -r _default

3rd time lucky…

VirtualHost default:443

I believe that if you get rid of that virtual host and reload Apache, your site will work. This is a problem that quite a few other people have had in the past, with a similar symptom.

The site is now totally unreachable…
This site can’t be reached refused to connect.

Checking the connection
Checking the proxy and the firewall

I believe you have to make sure you have

Listen 443

in your main Apache configuration (in some systems it’s in a file called ports.conf).