Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: bloq-e.de
I ran this command: no, I ‘installed’ the certificate
It produced this output: 443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
My web server is (include version): apache 2.4 I think, surely above 2.4
The operating system my web server runs on is (include version): no idea
My hosting provider, if applicable, is: webgo.de
I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): i don’t use cerbot but manual verification
First, I did read the following kind of instructions:
https://letsencrypt.org/getting-started/ - sorry, but not helpful
I’ve been researching this isssue for a few days by now, and I read sudo, and cerbot and windows server and openSSL what do I know, but nothing clean. I need it clean.
I do have an apache on my own computer, just fine, but I’m not a pro.
My hoster, however, does support let’sEncrypt, but only for more expensive packages.
I recap what I did so far:
I hope this contribution will help others, or, after getting through with it, you might add it to
your getting started - thing.
This link helped me a lot to get started - getting practical:
https://www.borncity.com/blog/2017/05/05/lets-encrypt-ssl-zertifikat-fr-hosteurope-installieren/
in german, sorry
so following this blog, I first went to
https://www.sslforfree.com/
got two files I loaded up to my server
went back to sslforfree.com, clicked the link - so they check, if the two files
verily are on my server, and got me three text fields
with private key, certificate and ca bundle.
Now comes the fun part
My host actually offers in my menu ‘add SSL’ and then offers me 4 text fields in which I
did paste the text; CRT, CSR (I left this one empty), PrivateKey, and CA (optinal).
They don’t provide any instructions, or explanations.
Then it activated it, and shifted the text from CA to CSR
I do get the message “SSL-Certificate” for this domain.
Then I went to
https://www.sslshopper.com/ssl-checker.html
they check on the certificate, basically said it’s ok.
And it was not, but maybe after 48 hours it would have been.
in the mean time, I don’t know why, I get 400 bad request.
I read that, although SSL is in the menu, my host does not offer
Let’sEncrypt for my packet, unless I pay every month like 15 euros.
Anyway, I have my own apache running - part of the deal - and I wanna make it work.
Recap / problems
first, I have two domains: bloq-e.de and www.bloq-e.de
I read I need a certificate for each of them!
I also read, I first need to make sure, that none of the above is
redirected to the other one.
As for now, www.bloq-e.de ist redirected to bloq-e.de
but I don’t find no such entry in the host’s httpd.conf
I also read, after installing the certificate(s), I have to
redirect the http:// to https://, after! redirecting www.bloq-e.de to bloq-e.de
Is that true?
I also found an instruction on how to upload the certificate files - not the text - onto my server.
but the instruction raised more questions than it answered.
I got very nervous when I read I was supposed to upload the privateKey to a safe place???
What’s that? How do I do that?
Then I again and again read: I first have to create a virtual host in apache. On port 443.
which requires the serverName. And I don’t know this. Or may, since I upload my files
via FileZilla / FTP, and there I have to enter the server, it maybe is “s192.goserver.host”.
So what I’m trying to tell you here is: I’m totally lost. And I’d greatly appreciate to get the picture
of the installation
Do I have shell-access? I don’t know. This is a weird host, who turns customers into children.
I can access / overwrite the httpd.conf, but … yeah well, the host gives me a text field with
all entries they made on the apache server - each client has their ‘own’ server running.
Actually, it’s not clear that these are all entries. And in my root, there is a htaccess file
which is plain empty.