SSL not loading

blackwing · October 22, 2019, 12:59pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:mail.isitwetyet.com

I ran this command:certbot --apache

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): centos 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I recently installed certbot on this machine and was using it until last night, but early this morning. I find my self that the ssl for my domain is not loading and I’m not sure which certificate it’s using.

help please.

JuergenAuer · October 22, 2019, 1:04pm

Hi @blackwing

you have created two certificates - https://check-your-website.server-daten.de/?q=mail.isitwetyet.com#ct-logs

Issuer	not before	not after	Domain names
Let's Encrypt Authority X3	2019-10-22	2020-01-20	mail.isitwetyet.com
1 entries	duplicate nr. 2
Let's Encrypt Authority X3	2019-10-16	2020-01-14	mail.isitwetyet.com
1 entries	duplicate nr. 1
Let's Encrypt Authority X3	2019-10-09	2020-01-07	mail.isitwetyet.com
1 entries

But you don't use one of these, instead, you use a self signed certificate.

What says

apachectl -S

blackwing · October 22, 2019, 1:06pm

Main DocumentRoot: “/var/www/html/webmail”

Main ErrorLog: “/etc/httpd/logs/error_log”

Mutex proxy-balancer-shm: using_defaults

Mutex rewrite-map: using_defaults

Mutex authdigest-client: using_defaults

Mutex ssl-stapling: using_defaults

Mutex proxy: using_defaults

Mutex authn-socache: using_defaults

Mutex ssl-cache: using_defaults

Mutex default: dir="/run/httpd/" mechanism=default

Mutex mpm-accept: using_defaults

Mutex authdigest-opaque: using_defaults

PidFile: “/run/httpd/httpd.pid”

Define: _RH_HAS_HTTPPROTOCOLOPTIONS

Define: DUMP_VHOSTS

Define: DUMP_RUN_CFG

User: name=“apache” id=48

Group: name=“apache” id=48

last night it was actually OK.

blackwing · October 22, 2019, 1:09pm

On my apache httpd.conf I have this line

IncludeOptional sites-enabled/*.conf

in which the configuration has this

Include /etc/letsencrypt/options-ssl-apache.conf

SSLCertificateFile /etc/letsencrypt/live/mail.isitwetyet.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/mail.isitwetyet.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/mail.isitwetyet.com/chain.pem

blackwing · October 22, 2019, 1:23pm

I’m not sure why, but my system is using the default certificate of the apache from conf.d and had to replace the one on ssl.conf with the certificate issued by certbot and that works for now.

JuergenAuer · October 22, 2019, 1:35pm

There is no vHost visible. So no is defined or all vHosts are disabled.

So only the standard vHost is used.

apachectl -S should show that - but there is no output.

blackwing · October 22, 2019, 2:07pm

I actually have another domain on the same domain, but was working perfectly.

system · November 21, 2019, 2:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.