SSL on Cent OS 7 - Site using default self signed cert

I am needing some help! I have a VPS and installed Cent OS 7 and Apache. Once the OS is installed, it creates an SSL Cert that is self-signed. I install Certbot and create an SSL certificate that uses Lets Encrypt as the CA. This works fine. However when I go to the website, it still uses the self-signed certificate, rather than the higher level one from Lets Encrypt.

This is the domain report form ssl shopper:

https://www.sslshopper.com/ssl-checker.html?hostname=www.thedevgarden.co.uk

I imagined that just by installing the Let’s Encrypt Cert everything would be fine!
Do I need to install some kind of intermediary cert or something?
I’m at a loss with this, so if anyone has any ideas, please let me know! Thanks, A

My domain is:
www.thedevgarden.co.uk

I ran this command:

It produced this output:

My web server is (include version):
Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version):
Cent OS 7

My hosting provider, if applicable, is:
n/a

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
n/a

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.4.0

1 Like

This is important: how did you generate the certificate? Please answer with the full command.

1 Like

Hi Osrisis, I think I have it figured out. Seems I need to enter some info into the ssl.conf about where the certificates are located. I had expected Certbot to do all this.
Thanks.
A

1 Like

certbot can do that. That's the reason I asked for the command you used.

1 Like

I’ve probably messed up at some point, but the guide I was following is this :slight_smile:

https://www.hostinger.com/tutorials/how-to-install-ssl-certificate-on-centos-7

and the only command I ran was:

certbot

and then followed the onscreen.

I think I might need to re-install Cent OS and try it again. Practice makes perfect!

Hard to say without the actual output of certbot and the choices you've made.

Reinstalling the whole OS is almost NEVER the correct action to take.

1 Like

Yeah, no worries - its not a production server, or even a staging server. Just a project server with nothing on it. I’ve wiped and re-installed a tonne of times already.

But you won’t learn the deeper, integeral working of systems by just starting “fresh” every time you run in to a little bit of trouble.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.