Let´s Encrypt cert is considert as Self-singed cert


#1

Yesterday i installed, Let’s Encrypt cert on my AWS ligthsail instance running Wordpress. Installation was succesfully, but i get the error the my cert is self signed, when i try to visit my homepage (www.yawo-cloud.com)

Here is my output of apachectl -S: https://hastebin.com/ganubipeba.rb

In my research, i found out, solutions for my problem often can be found in this output.

I also checked my website on SSL-Labs:

We were able to retrieve a certificate for this site, but the domain names listed in it do not match the domain name you requested us to inspect. It’s possible that:

The web site does not use SSL, but shares an IP address with some other site that does.
The web site no longer exists, yet the domain name still points to the old IP address, where some other site is now hosted.
The web site uses a content delivery network (CDN) that does not support SSL.
The domain name is an alias for a web site whose main name is different, but the alias was not included in the certificate by mistake. 

Would be nice to get some help :slight_smile:


#2

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


Two certificates were created yesterday:

  1. https://crt.sh/?id=940741635
  2. https://crt.sh/?id=941222345

But Apache is using a self-signed certificate for www.example.com apparently created by Bitnami.

How did you create the certificates?

Did you configure Apache/Bitnami to use them?


#3

You may have successfully issued the cert, but you aren’t using it–you’re using an auto-generated self-signed cert that was created early yesterday afternoon.


#4

My web server is (include version): Apache/2.4.34 Unix

The operating system my web server runs on is (include version): Wordpress 4.9

I can login to a root shell on my machine (yes or no, or I don’t know): i don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

How did you create the certificates?

This is the way i did it: http://www.caridina.info/2018/01/13/amazon-lightsail-wordpress-instanz-mit-einem-ssl-zertifikat-versehen/


#5

You may have successfully issued the cert, but you aren’t using it–you’re using an auto-generated self-signed cert that was created early yesterday afternoon.

Whad do i need to do, to use them?


#6

…and you did these parts as well:

mv server.crt{,.orig}
mv server.key{,.orig}
ln -s /etc/letsencrypt/live/<web_server_name>/privkey.pem /opt/bitnami/apache2/conf/server.key
ln -s /etc/letsencrypt/live/<web_server_name>/fullchain.pem /opt/bitnami/apache2/conf/server.crt

?


#7

…and you did these parts as well:

mv server.crt{,.orig}
mv server.key{,.orig}
ln -s /etc/letsencrypt/live/<web_server_name>/privkey.pem /opt/bitnami/apache2/conf/server.key
ln -s /etc/letsencrypt/live/<web_server_name>/fullchain.pem /opt/bitnami/apache2/conf/server.crt

?

Yes, but replaced the <web_server_name> with my domain.


#8

What happens, when i install the cert again? WIll this cause any problems?


#9

Hi,

Since you mentioned you are on a AWS Lightsail Bitnami instance, could you please try the below tutorial?

https://docs.bitnami.com/aws/faq/administration/generate-configure-certificate-letsencrypt/