I ran this command: ./certbot-auto certonly --webroot -w /root/thurly -d thurly.com
It produced this output:
Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/thurly.com/fullchain.pem. Your cert will
expire on 2017-04-26. To obtain a new or tweaked version of this
certificate in the future, simply run certbot-auto again. To
non-interactively renew all of your certificates, run
If you like Certbot, please consider supporting our work by:
The webserver uses the TLS certificate and corresponding private key for encrypting the connections. Therefore, the webserver needs to know where to find the certificate & private key. This has to be configured in the webserver.
From the text you’ve given us, you only ran certbot-auto with the certonly subcommand. This will only get you a certificate. But your webserver doesn’t have a crystal ball. The webserver doesn’t know what you want, until you tell it so. So you’ll have to configure your webserver properly for TLS and say where to find the certificate and private key.
If this doesn’t make any sense, you’d probably need to read a lot more about webservers and TLS in general and in my opinion you should leave this stuff to someone with more affinity/knowledge about this things.