SSL Not Working on Phone, But Works Fine on Desktop and Laptop

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: tptimes.org

I ran this command: sudo certbot run -a webroot -i apache -w /var/www/html/wordpress -d tptimes.org -d www.tptimes.org

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for tptimes.org and www.tptimes.org

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/tptimes.org/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/tptimes.org/privkey.pem
This certificate expires on 2024-10-28.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for tptimes.org to /etc/apache2/sites-available/000-default-le-ssl.conf
Successfully deployed certificate for www.tptimes.org to /etc/apache2/sites-available/000-default-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://tptimes.org and https://www.tptimes.org

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

My web server is (include version):
Server version: Apache/2.4.58 (Ubuntu)
Server built: 2024-07-17T18:55:23
The operating system my web server runs on is (include version): ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.9.0

I did sudo ls /etc/letsencrypt/live/tptimes.org/ and all certs were there.

Not sure what's wrong.

Is the phone it isn’t working on an Android device running a version older than 7.1.1? Those devices don’t support Let’s Encrypt. From what you’ve posted it seems your website is otherwise working properly.

2 Likes

Thank you for replying,
My phone is on Android 11.0, and I tried it on my friend's S23, but it doesn't work.

1 Like

Please post exactly what errors you see.

2 Likes

That is unusual. Your domain is proxied at Cloudflare so your initial connection is to their CDN edge. That currently uses a cert from Google (they can choose various suppliers).

Connection problems between the CF edge and your Origin server are reported in a different way.

Below is a successful connection but it redirects to itself so gets a redirect loop. Notice the location is the same as the URL requested. Also note the Cloudflare server.

curl -i4 https://tptimes.org
HTTP/2 301
location: https://tptimes.org/
server: cloudflare

3 Likes

Make sure that your Cloudflare encryption mode is set to Full (strict).

4 Likes

Didn't really fix anything.
Should I try removing Cloudflare? I previously tried Certbot, but it didn’t work. After that, I added Cloudflare nameservers, tried Certbot again, and it didn’t work initially. However, after waiting a few minutes, it eventually worked, and SSL was activated. So, should I remove Cloudflare from the account?

You can pause Cloudflare or set specific records to DNS Only while you troubleshoot.

3 Likes

Yeah, done. I paused Cloudflare.

Looks like your IPv6 address does not point to your EC2 instance (that IP belongs to 1&1).

Notice in your first post the SSL Labs test connection using IPv6 failed. You should correct the AAAA record in your DNS or remove it if you don't have IPv6 support.

Your phone is probably using IPv6 on your carrier network but your desktop and laptop are using IPv4 with your ISP. Could that explain it? You need to fix your AAAA record in any case.

With Cloudflare proxy enabled I thought it should work anyway as Cloudflare edge prefers IPv4 but maybe I am wrong. @linkp would know that.

4 Likes
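The IPv4-versus-IPv6 split described in the reply above can be checked from any dual-stack machine by doing a TLS handshake against every A and AAAA address separately. This is an added example, not code from the thread or from Certbot; the function names are hypothetical, and the script reports on whatever addresses DNS currently returns (the Cloudflare edge if the proxy is on, the origin if it is paused).

```python
import socket
import ssl

def resolve(host, family):
    """Return the sorted addresses DNS gives for host in one address family."""
    try:
        infos = socket.getaddrinfo(host, 443, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def probe(host, addr, timeout=5.0):
    """Verified TLS handshake to addr with SNI=host; return (ok, detail)."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((addr, 443), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
                return True, issuer.get("organizationName", "unknown issuer")
    except OSError as exc:  # covers refused/timeout and ssl verification errors
        return False, f"{type(exc).__name__}: {exc}"

def check_dual_stack(host, resolve=resolve, probe=probe):
    """Probe every A and AAAA address; return (report, findings)."""
    report, findings = {}, []
    for label, family in (("IPv4", socket.AF_INET), ("IPv6", socket.AF_INET6)):
        results = {addr: probe(host, addr) for addr in resolve(host, family)}
        report[label] = results
        for addr, (ok, detail) in results.items():
            if not ok:
                findings.append(f"{label} {addr} failed: {detail}")
    v4_ok = any(ok for ok, _ in report["IPv4"].values())
    v6 = report["IPv6"]
    # The thread's situation: IPv4 clients are fine, IPv6 clients land elsewhere.
    if v4_ok and v6 and not any(ok for ok, _ in v6.values()):
        findings.append("AAAA record published but no IPv6 address serves this "
                        "site: fix or remove the AAAA record")
    return report, findings

if __name__ == "__main__":
    import sys
    _, problems = check_dual_stack(sys.argv[1])
    print("\n".join(problems) or "IPv4 and IPv6 both complete a verified handshake")
```

Run it as `python3 check.py <domain>` from a network with working IPv6; on an IPv4-only network the AAAA probes fail locally and say nothing about the server.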


I went to the AWS console. It looks like I don’t have IPv6 support enabled. Should I go ahead and remove the AAAA record?

1 Like

Should I remove this then?

1 Like

Yes, you should remove the AAAA record until you can make one that points to an EC2 instance with IPv6 support.

4 Likes

But now

curl -I http://tptimes.org
HTTP/1.1 301 Moved Permanently
Date: Tue, 30 Jul 2024 13:35:14 GMT
Server: Apache/2.4.58 (Ubuntu)
Location: https://tptimes.org/
Content-Type: text/html; charset=iso-8859-1

Before it was 200 OK.

Yes, your Apache server is redirecting an HTTP request to HTTPS; that is normal. If you follow the redirect you get

curl -I https://tptimes.org
HTTP/1.1 200 OK
Server: Apache/2.4.58 (Ubuntu)
Link: <https://tptimes.org/index.php/wp-json/>; rel="https://api.w.org/"
Content-Type: text/html; charset=UTF-8

Once you set up Cloudflare proxy again then redirects can be handled by its edge or passed through to your Origin server. Those issues are best handled from the Cloudflare docs or its community.

6 Likes

I enabled Cloudflare, and it's working again on my phone. Thank you so much! I’ve been trying to fix it all day.

4 Likes
