Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: grasp.deals
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 20.04 Desktop
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.31.0
Following the indications found here: How To Install the Apache Web Server on Ubuntu 20.04 | DigitalOcean I installed Apache Web Server
in Ubuntu 20.04
This is my domain.conf
:
raphy@pc:~$ cat /etc/apache2/sites-available/grasp.deals.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName grasp.deals
ServerAlias www.grasp.deals
DocumentRoot /var/www/grasp.deals
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
This is the sample HTML
:
raphy@pc:~$ cat /var/www/grasp.deals/index.html :
<html>
<head>
<title>Welcome to grasp.deals!</title>
</head>
<body>
<h1>Success! The grasp.deals virtual host is working!</h1>
</body>
</html>
I enabled the file with a2ensite
:
raphy@pc:~$ sudo a2ensite grasp.deals.conf
Site grasp.deals already enabled
raphy@pc:~$ sudo a2dissite 000-default-le-ssl.conf
Site 000-default-le-ssl disabled.
To activate the new configuration, you need to run:
systemctl reload apache2
raphy@pc:~$ sudo apache2ctl configtest
Syntax OK
And this is the output of configtest
:
raphy@pc:~$ sudo apache2ctl configtest
[Wed Oct 05 15:37:51.033941 2022] [tile:notice] [pid 21765:tid 139778198207552] Loading tile config ajt at /hot/ for zooms 0 - 20 from tile directory /var/lib/mod_tile with extension .png and mime type image/png
Syntax OK
I restarted Apache to implement the changes:
raphy@pc:~$ sudo systemctl restart apache2
Following these indications: Certbot Instructions | Certbot
I deployed the Let's Encrypt
certification:
raphy@pc:~$ sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: grasp.deals
2: www.grasp.deals
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for grasp.deals and www.grasp.deals
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/grasp.deals/fullchain.pem
Key is saved at: /etc/letsencrypt/live/grasp.deals/privkey.pem
This certificate expires on 2023-01-03.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for grasp.deals to /etc/apache2/sites-available/grasp.deals-le-ssl.conf
Successfully deployed certificate for www.grasp.deals to /etc/apache2/sites-available/grasp.deals-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://grasp.deals and https://www.grasp.deals
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The SSL Labs test is OK:
The check-your-website.server-daten.de
output:
But if I digit in a browser http://grap.deals
I get this: NET::ERR_CERT_AUTHORITY_INVALID
Where do I have to specify the path to the certificates?
How to make it work?