Please see the certbot documentation: User Guide — Certbot 2.7.0.dev0 documentation
4 Likes
Now at least the website is not down 
, but no SSL installed , still running not secured
1 Like
That means your Apache configuration is not succesfully configured for HTTPS.
4 Likes
Yes, it exited with error
Syntax error on line 35 of /etc/apache2/sites-enabled/prestashop.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/fullchain.pem' does not exist or is empty
when nano fullchain.pem - showing an empty file and is not writable
Yes one folder is missing, got it
Did you run nano as root or with sudo?
Does "got it" mean "I saw this error and I'm going to fix it"?
4 Likes
SSLCertificateFile: file '/etc/letsencrypt/live/fullchain.pem' does not exist or is empty, | one step folder name was missing, that is now fixed
now certificate file in order , fullchain.pem and certificate key in order
But now certificate still not installed
Now we got this error
NET::ERR_CERT_COMMON_NAME_INVALID
Your currently active certificate is just valid for www.citihealth.in and not for citihealth.in. And if I go to https://www.citihealth.in/ your webserver is redirecting to https://citihealth.in/ which is not part of the currently configured certificate.
However, in the very recent past, you've issued two certificates for both hostnames. See: crt.sh | citihealth.in Please configure your webserver to use one of those previously issued certificates.
4 Likes
Is it possible to delete one of the certificates citihealth.in and then it will automatically continue with the www.citihealth.in certificate?
I don't understand the question, but I'm pretty sure the answer is: no. If you delete a certificate in certbot, it doesn't change anything to the webserver configuration nor to any of the other certificates..
4 Likes
Ok then we change the Apache config file
But what is there to change?
Change it to the correct certificate.
4 Likes
It is already pointing to the correct certificate
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.citihealth.in/certificate.pem
There are 3 certificates showing against citihealth.in example >
PEM encoded chain:
begin certificate
MIIFKDCCBBC ------ code---gjgQ==
end certificate
being certificate
MIIEZTCCA---- code ---wuoXvg==
end certificate
begin certificate
MIIDSjCCA----code----p2CNTUQ
end certificate
but when we go to the directory /etc/letsencrypt/live/foldername/ it is showing only 1 certificate and we have provided the exact path to that certificate
How do we locate another 2 certificates path?
As usual in this thread, I have a very hard time following you, and I'm almost ready to give up... For example, the /live/ directory should NOT contain any file called "certificate.pem" generated by certbot, so that would have been manually edited or manually put there: we're not going to support such manual tinkering.
Also, I have absolutely no idea what you mean by "(…) 3 certificates showing against citihealth.in (…)".
2 Likes
A single file in the /live/domain/ directory can contain multiple certificates. chain.pem contains the 2 intermediate certificates and fullchain.pem contains 3 certificates: 1 end leaf certificate which is also found in cert.pem combined with the 2 intermediates from chain.pem.
This info could also have been found in the certbot documentation page about the certificate files: User Guide — Certbot 1.16.0.dev0 documentation This is exactly the same page as I linked here yesterday.
I'm giving you a last chance, but my finger is already on the button for closing this thread, as I'm suspecting (for a time now) you're just trolling.
3 Likes
Inside /etc/letsencrypt/live/$domain there are files shown in the screenshot and those file paths are linked in the virtualhost
You are expert in this field, I am not, this is my first time ever with webservers and configuration
You can become an expert too, if you read stuff like documentation, such as the documentation I've linked you twice already now. From my point of view (which might be wrong, but I only have the information you provide) you just seem to refuse to read the actual documentation and keep asking things which are already explained.
Maybe those documentation is too hard to understand or my explanation is also not easy to understand, but I'm not hearing any of that. I just see a broken record repeating itself over and over again..
4 Likes