Problem obtaining new cert

Please fill out the fields below so we can help you better.

My domain is: xometry.net

I ran this command: certbot-auto --apache

It produced this output:
Fri Oct 07 17:18:12.530102 2016] [ssl:emerg] [pid 16152:tid 139959382439808] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] (/etc/apache2/sites-enabled/sitea.conf:12)
[Fri Oct 07 17:18:12.530138 2016] [ssl:emerg] [pid 16152:tid 139959382439808] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Fri Oct 07 17:20:37.629328 2016] [ssl:emerg] [pid 16276:tid 140713537795968] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] (/etc/apache2/sites-enabled/quote.conf:12)
[Fri Oct 07 17:20:37.629367 2016] [ssl:emerg] [pid 16276:tid 140713537795968] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Fri Oct 07 17:20:37.736910 2016] [ssl:emerg] [pid 16285:tid 139951253837696] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] (/etc/apache2/sites-enabled/sitea.conf:12)

My operating system is (include version):
ubuntu 14.04
My web server is (include version):
Apache

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no


I am attempting to get a cert for a new QA env. The site is SSL enabled but, I need to get a new cert for the QA. I am unable to start the server without a cert but, the only cert that I currently have is for the .com domain. Please advise how I can get around this…

The issue is that I gave the following lines commented out since I do not have a cert yet… but I am not sure how to get around the chicken/egg situation.

THANK YOU! Assistance MUCH appreciated!!!

	#   SSL Engine Switch:
	#   Enable/Disable SSL for this virtual host.
	#SSLEngine on

	#   A self-signed (snakeoil) certificate can be created by installing
	#   the ssl-cert package. See
	#   /usr/share/doc/apache2/README.Debian.gz for more info.
	#   If both key and certificate are stored in the same file, only the
	#   SSLCertificateFile directive is needed.
	#SSLCertificateFile /etc/ssl/certs/WildCardSha2.pem
	#SSLCertificateKeyFile /etc/ssl/private/WildCardSha2.key

	#   Server Certificate Chain:
	#   Point SSLCertificateChainFile at a file containing the
	#   concatenation of PEM encoded CA certificates which form the
	#   certificate chain for the server certificate. Alternatively
	#   the referenced file can be the same as SSLCertificateFile
	#   when the CA certificates are directly appended to the server
	#   certificate for convinience.
	#SSLCertificateChainFile /etc/ssl/certs/CABundle.pem

Disable the whole VirtualHost for the SSL site until you have a certificate you can use. I don’t think LE checks the cert chain or Common Name when doing HTTP-based validation, so you may be able to get away using the other certificate for validation at the least.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.