Please don't tell me I'ts over (Can't seem to be able to certificate my website in any way)

MikeMcQ · March 13, 2023, 4:29pm

I asked about the below file. Can you clarify your above comments? In one you say it has beginning markers and the other you say it does not.

youdrippinseb · March 14, 2023, 7:46am

There was some misunderstanding,

with nano /etc/letsencrypt/live/elviservizi.it/cert.pem i get this:

contents of: /etc/letsencrypt/live/elviservizi.it/cert.pem

  GNU nano 4.8                                      /etc/letsencrypt/live/elviservizi.it/cert.pem                                                
-----BEGIN CERTIFICATE-----
MIID5TCCAs2gAwIBAgIUGeaRv1yP2lyNKkPvE/GRxnDuErYwDQYJKoZIhvcNAQEL
BQAwgYExCzAJBgNVBAYTAml0MQ4wDAYDVQQIDAV0dXJpbjEOMAwGA1UEBwwFdHVy
aW4xGzAZBgNVBAoMEkVMLlZJLiBTRVJWSVpJIFNSTDEWMBQGA1UEAwwNU2VydmVy
IEVMLlZJLjEdMBsGCSqGSIb3DQEJARYOZWx2aXNlcnZpemkuaXQwHhcNMjMwMzAx
MDkzNjU0WhcNMjQwMjI5MDkzNjU0WjCBgTELMAkGA1UEBhMCaXQxDjAMBgNVBAgM
BXR1cmluMQ4wDAYDVQQHDAV0dXJpbjEbMBkGA1UECgwSRUwuVkkuIFNFUlZJWkkg
U1JMMRYwFAYDVQQDDA1TZXJ2ZXIgRUwuVkkuMR0wGwYJKoZIhvcNAQkBFg5lbHZp
c2Vydml6aS5pdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM4BZO08
UePC11lngQszAl2s3cjIoiqZiVbcTeGADd77bXQdNJSRRZKo4ksQbLTPJ0ozHZKH
qWwl5sVboM4+y6dfgHT/3thuZCZqftNyNtDYhjFOtOEqqsv4VqlcQ/7fa9L5Gc9S
kl+TuCN4RAUDDqkiKX3SzA9pEqHJz/W0XuuBEsg0mgerQKPvTW5dyk0UxABml7+0
xMzxb+5l7hm5eMMHZYloqRoX/VX0k56qXV/KB+uZ3armfq1bCIVIu4T+9KY4sfxB
Tp0tnvGEzSyEvYJ+ADOUDAk6sFhEfGNB8QVg3KWyU5vn0IGQjg0rnw/xvYTFo1pV
QYUNltIEBRB8fDcCAwEAAaNTMFEwHQYDVR0OBBYEFHVNmIND45WqkyjiEtmrg21p
wHijMB8GA1UdIwQYMBaAFHVNmIND45WqkyjiEtmrg21pwHijMA8GA1UdEwEB/wQF
MAMBAf8wDQYJKoZIhvcNAQELBQADggEBACD1KGQMUBOBTfA3XohSqCJzT+j6/5I1
qTC8Ap5ma+YZu5N35uAKrpKo1jEMXUn7fbdwup+q8kv5bfSZetsO1CRxDkQnU4R+
bffjGmbGsJG+sHYc7dWILW58aNZ1Ms5rdk6u5vybhyuDUVTFew/wHjkg4mkTX/+R
KyWDZWwVd5K2+iUUyD2NIsO9bcxKXX0tiqU0AiMQxUerpgRkpY0HzLJTiqLgRLx7
X8YddkKYvJRnvkDF1abOniCD1dsjWogu7aA8ARoqcMPrGAbRC8rVK+DGfvmoGkE1
lqYe+bRS6R0p9fnF5qZG/p7fh0i/SbXlgSk2Luu2d+iXYNO+KA3KPOY=
-----END CERTIFICATE-----

orangepizza · March 14, 2023, 7:53am

that's self-signed certificate, try run renew?

Version: 3 (0x02)
Serial number: 147866637064686121524347864230134858152017793718 (0x19e691bf5c8fda5c8d2a43ef13f191c670ee12b6)
Algorithm ID: SHA256withRSA
Validity
Not Before: 01/03/2023 09:36:54 (dd-mm-yyyy hh:mm:ss) (230301093654Z)
Not After: 29/02/2024 09:36:54 (dd-mm-yyyy hh:mm:ss) (240229093654Z)
Issuer
C = it
ST = turin
L = turin
O = EL.VI. SERVIZI SRL
CN = Server EL.VI.
E = elviservizi.it
Subject
C = it
ST = turin
L = turin
O = EL.VI. SERVIZI SRL
CN = Server EL.VI.
E = elviservizi.it
Public Key
Algorithm: RSA
Length: 2048 bits
Modulus: ce:01:64:ed:3c:51:e3:c2:d7:59:67:81:0b:33:02:5d:
...
Exponent: 65537 (0x10001)
Certificate Signature
Algorithm: SHA256withRSA
Signature: 20:f5:28:64:0c:50:13:81:4d:f0:37:5e:88:52:a8:22:
...

Extensions
subjectKeyIdentifier :
754d988343e395aa9328e212d9ab836d69c078a3
authorityKeyIdentifier :
kid=754d988343e395aa9328e212d9ab836d69c078a3
basicConstraints CRITICAL:
cA=true

youdrippinseb · March 14, 2023, 10:34am

i would but everyone says not to exagerate with requests of renewal, I practically have cert.pem that is corrupted. Do I have to fix that first or if i renew the cert that file also gets fixed?

orangepizza · March 14, 2023, 10:59am

sudo certbot --apache -d elviservizi.it -d www.elviservizi.it
maybe try this?
I think it isn't what your webserver config looks at so not sure it will install currectly though

youdrippinseb · March 14, 2023, 11:02am

this made even my working https://elviservizi.it not work anymore

orangepizza · March 14, 2023, 11:05am

that fixed www and non-www version in my perspective though

youdrippinseb · March 14, 2023, 11:07am

also mines after i deleted cache, thank you so much

youdrippinseb · March 14, 2023, 11:12am

@Bruce5051 @MikeMcQ @Osiris @orangepizza Thank you all for helping me through this, I really appreciate your effort. You're always welcome for a pizza if you're passing by. Have a nice day

MikeMcQ · March 14, 2023, 1:28pm

Glad it is working well now. I see your redirects from HTTP to HTTPS are not working. I did not give you complete advice about this earlier. You should change your

/etc/apache2/sites-enabled/000-default.conf

To look like below. When you added the RewriteCond for the www name I did not mention you also needed to add the [OR] to the prior line. This should fix your redirects:

RewriteEngine on
RewriteCond %{SERVER_NAME} =elviservizi.it [OR]
RewriteCond %{SERVER_NAME} =www.elviservizi.it
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

youdrippinseb · March 14, 2023, 4:02pm

Did that, thank u again my man!

MikeMcQ · March 14, 2023, 4:14pm

You are welcome. Still not redirecting though. You will need to reload / restart Apache if you have not yet.

system · April 13, 2023, 4:15pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.