Installed SSL with cerbot on CentOS 6 successfully but https not working


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hombee.net

I ran this command: ./certbot-auto certificates

It produced this output:
Found the following certs:
Certificate Name: www.hombee.net
Domains: www.hombee.net hombee.net
Expiry Date: 2019-03-14 17:00:15+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.hombee.net/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.hombee.net/privkey.pem

My web server is (include version): apache

The operating system my web server runs on is (include version): CentOS 6

My hosting provider, if applicable, is: OVH VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): virtualmin

All configuration seems Ok but the https is NOT working.


#2

i have the following config in the virtual host directive in the apache config file /etc/httpd/conf/httpd.conf

SSLCACertificateFile /etc/letsencrypt/live/www.hombee.net/chain.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLVerifyClient optional
SSLCertificateFile /etc/letsencrypt/live/www.hombee.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.hombee.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.hombee.net/fullchain.pem

Please need help guys


#3

Hi @tourenathan

your configuration


Domainname Http-Status redirect Sec. G
http://hombee.net/
51.77.137.139 200 0.097 H
http://www.hombee.net/
51.77.137.139 200 0.083 H
https://hombee.net/
51.77.137.139 -14 10.036 T
Timeout - The operation has timed out
https://www.hombee.net/
51.77.137.139 -14 10.026 T
Timeout - The operation has timed out

Your http works. But your https has a timeout. So is there a firewall?

You have certificates

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:hombee.net&lu=cert_search

with two and three domain names, created today. And an older wildcard certificate. How did you create these certificates?

Has virtualmin an integrated solution?


#4

Yep, there are partial integrated solutions.

Found there:

  1. Unter Edit Virtual Server muss SSL unter Enabled Features aktiviert sein.
  2. Unter Server configuration und Manage SSL Certificate im Tab Update Certificate and Key muss für Signed SSL certificate und Matching private key mittels der File on server Option die cert.pem bzw für den Key die privkey.pem ausgewählt werden. Hier hangelt man sich dann einfach durch die Ordner, bis man am anfangs erstellten Ordner angekommen ist.
  3. Sind beide ausgewählt, klickt man auf Install now
  4. Auf der selben Seite, aber im Tab CA Certificate auf gleiche Weise mittels File on server die fullchain.pem auswählen, dann Save certificate

So you must edit your virtual servers to enable SSL. Then “Server-configuration” - public and private key. Install now - and add the CA-Certificate.


#5

My app was running on another server before.
This server i’m using now is a new server


#6

I will check the point you mention and give feedback


#7

SSL is enabled for the virtual server.
When i follow the procedure describe above i have an error message as below:
### Failed to install certificate : Certificate file /etc/letsencrypt/live/www.hombee.net/cert.pem must be under the virtual server’s home directory


#8

Hi,

You might try to link the certificate to the local (user home)… But before you try that, could you please tell us your virtualmin version?

In new versions (virtualmin 5 and later) of virtualmin, you could get certificate via the web panel directly, by following this guide.

Thank you


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.