My domain is: www.creatissus.com
I’d like to know if the only thing i have to do is remove the lines referring to the commercial SSL certificate.
Run the cerbot command
./certbot-auto certonly --webroot -w /home/domaine/public_html -d www.domaine.com
and add the usual lines of code referring to the Letsencrypt certificate in the vhost file?
Hi @refschool,
You should remove nothing till you issued your cert using the command you posted. Once you get your cert, yes, you can replace the paths of SSL directives SSLCertificateFile and SSLCertificateKeyFile to point to the right paths for your LE issued domains.
As you are using Apache 2.4.10, SSLCertificateFile should point to fullchain.pem file.
SSLCertificateFile /etc/letsencrypt/live/yourdomain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.tld/privkey.pem
Note: you should change yourdomain.tld for the real one.
Also, take care because this command:
./certbot-auto certonly --webroot -w /home/domaine/public_html -d www.domaine.com
Will issue a certificate covering www.domaine.com BUT NOT domaine.com. As your current cert covers both, your command should look like:
./certbot-auto certonly --webroot -w /home/domaine/public_html -d www.domaine.com,domaine.com
or
./certbot-auto certonly --webroot -w /home/domaine/public_html -d www.domaine.com -d domaine.com
Also, the first name specified will name the certificate, so if you put www.domain.com, your certs will be located here:
/etc/letsencrypt/live/www.domaine.com/
If you switch the order:
./certbot-auto certonly --webroot -w /home/domaine/public_html -d domaine.com -d www.domaine.com
the cert will be located here:
/etc/letsencrypt/live/domaine.com/
Hope this helps.
Cheers,
sahsanu
Hi many thanks for the detailed answer.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.