Please fill out the fields below so we can help you better.
My domain is:cloud.famploeg.com
I ran this command:
It produced this output:
My operating system is (include version):openSUSE 13.2
My web server is (include version):
My hosting provider, if applicable, is:versio.nl
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):directadmin
i have my website hosted by a hoster. And i host a application on my server i need to setup the ssl certificate but i only see manuels how set this up when you have your domain and website on the same server this is not the case for me.
i my case its a application installed on my server and i used a a record ro reslove this in a name…
i hope some can help me out iam kinda new to installing certificates…
Hi @wichert, can you explain more about what you mean by this? Do you mean that you have a separate www.example.com and application.example.com, or does the hoster somehow forward requests to your application on your server, or proxy requests to you?
So, the short answer is that your domain registrar would not be relevant here.
The IP address your domain resolves to points to your application server (from what I understand), and that’s more or less all that matters to Let’s Encrypt and certbot. For all intents and purposes, you can consider your domain to be “in the same place” as your server (that’s not technically accurate, but conceptually speaking, it works).
The regular instructions for certbot for your OS/web server should work here. If you run into any problems with that, we’re happy to help!
aah ok so its actually possible to to it this way…
i have some expierence with setting up certificates but not like this when domain a host are not in the same place or however you wanna put it.
As I mentioned, the domain registrar and your hosting provider being different is a very common use-case, and does not affect anything SSL-related at all. The regular instructions on certbot’s homepage should work just fine for you.
What were the commands you ran prior to that, and what was the output? The renew command is something you would run after you first successfully got the certificates with something like --apache or certonly. It seems like that step didn’t succeed, as there’s no certificate for the renew command to actually renew.
I’d be interested in the final output of that command. It if succeeded, you should’ve gotten something like “Congratulations! Your certificate …”, along with the path to the certificate. Otherwise, there should’ve been some kind of error.
Are there any directories in /etc/letsencrypt/live, with files like cert.pem inside? If not, that would indicate something went wrong with the first command. I’d recommend running it again and pasting the final output of that command here so we can check what the actual issue was.
It’s possible that PuTTY swallowed the final output, I’ve seen it do that in the past when used with ncurses dialogs.
Try running:
./certbot-auto --apache -t
This will avoid the interactive dialogs and provide a text-based interface where you should be able to see the final output. The live/ directory being missing is consistent with that command failing for some reason, so that’s probably where things went wrong.
Hmm, I’m not sure if certbot is compatible with the way openSUSE organizes their apache configuration by default. You might have to use certonly mode, for example with the webroot plugin. This allows you to get the certificate files, but it would not automatically install those certificates in apache, so you’d have to do that on your own. Mozilla’s SSL Configuration Generator has a good base config for apache and other web servers, but you might want to look for more specific guides on how to enable SSL on openSUSE.
Just to clarify, this only affects the apache plugin and its automated installation/configuration. You can still get a certificate using the method I suggested in my previous post, certbot just won’t be able to configure your web server for you (which is true for all other CAs out there as well).