Possible documentation error in certbot docs


#1

First of all many thanks to all at letsencrypt, this is a huge leap forward for open source and free software.

I have a working letsencrypt certificate on my site.

The certbot docs imply that apache versions greater than 2.4.8 will accept a combined certificate and key file. I am running apache 2.4.10 on a debian jessie server and tried the single file approach, but it failed. I replaced the single SSLCertificateFile pointing to fullchain.pem with separate SSLCertificateFile and SSLCertificateKeyFile pointing to cert.pem and privkey.pem and all was well.

Has anyone else had a similar experience?


#2

That’s not quite correct - apache >= 2.4.8 will accept a combined cert + chain file (called fullchain.pem with certbot), not a cert + key file. Older versions of apache need a separate SSLCertificateFile (pointing to cert.pem) and SSLCertificateChainFile (pointing to chain.pem) directive for the chain certificate. The SSLCertificateKeyFile directive pointing to privkey.pem is always needed.


#3

Also, what docs are you referring to precisely? B/c if you’re saying something is incorrect there, it would be helpful if you actually linked the page in question :wink:


#4

Thanks very much for that clarification.


#5

Yes, good point, the docs are here https://certbot.eff.org/docs/using.html,
but thanks to pfg’s clarification this is probably no longer relevant.


#6

The docs are verified correct.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.