SSLCACertificatePath: directory does not exist

What shows?:
ls -l /etc/letsencrypt/archive/www.nuage.dennet.eu/

3 Likes
sudo ls -l /etc/letsencrypt/archive/www.nuage.dennet.eu/
total 40
-rw-r--r--. 1 root root 1854 22 févr. 13:35 cert1.pem
-rw-r--r--. 1 root root 1879 22 févr. 13:36 cert2.pem
-rw-r--r--. 1 root root 3749 22 févr. 13:35 chain1.pem
-rw-r--r--. 1 root root 3749 22 févr. 13:36 chain2.pem
-rw-r--r--. 1 root root 5603 22 févr. 13:35 fullchain1.pem
-rw-r--r--. 1 root root 5628 22 févr. 13:36 fullchain2.pem
-rw-------. 1 root root 1704 22 févr. 13:35 privkey1.pem
-rw-------. 1 root root 1704 22 févr. 13:36 privkey2.pem

It would seem that httpd is having permissions trouble accessing the files in those folders.
You could try making copies of the files to a location that httpd can access.

3 Likes

httpd is using apache as user, and look at the results of namei I mentioned: you will see that httpd, say apache, has no problem accessing and reading these files.
And certbot said we should not move these files anywhere else, so if I do copy them, how can I ask it to point to them? Just by changing the SSL directives in the config file?

I did a trial putting the files somewhere else but: apache creates the directory, apache copies the fiules to that new directory, so obviously it does have the rights to read it, but the error is the same.

I said COPY not MOVE.

Nothing is obvious about this problem.

4 Likes

???? What is the what? Anyway, I didn't delete the files from one place to the other, say moved them, of course. Let copy what text above

I made a typo: it's not fiules but files, to be understood. So they are COPIED and not MOVED.

Your Apache was running properly when I posted #12

Please show output of this command.

sudo systemctl --full status httpd

3 Likes

It worked properly without ssl enabled, or with ssl module loaded but not files with ssl defined for virtualhosts.

httpd.service - The Apache HTTP Server
     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
    Drop-In: /usr/lib/systemd/system/httpd.service.d
             └─php-fpm.conf
     Active: active (running) since Sat 2023-02-25 15:22:32 UTC; 1min 9s ago
       Docs: man:httpd.service(8)
   Main PID: 376672 (/usr/sbin/httpd)
     Status: "Total requests: 0; Idle/Busy workers 100/0;Requests/sec: 0; Bytes served/sec:   0 B/sec"
      Tasks: 177 (limit: 4506)
     Memory: 19.4M
        CPU: 166ms
     CGroup: /system.slice/httpd.service
             ├─376672 /usr/sbin/httpd -DFOREGROUND
             ├─376673 /usr/sbin/httpd -DFOREGROUND
             ├─376674 /usr/sbin/httpd -DFOREGROUND
             ├─376675 /usr/sbin/httpd -DFOREGROUND
             └─376676 /usr/sbin/httpd -DFOREGROUND

févr. 25 15:22:32 vps-395cf409.vps.ovh.net systemd[1]: Starting httpd.service - The Apache HTTP Server...
févr. 25 15:22:32 vps-395cf409.vps.ovh.net httpd[376672]: Server configured, listening on: port 443, port 8080, ...
févr. 25 15:22:32 vps-395cf409.vps.ovh.net systemd[1]: Started httpd.service - The Apache HTTP Server.

By the way, the files are in the archive directory; the ones in the live dir are linked to those in archive. The link of the private key is 755 while the real file in archive has 600. Could the 755 on the link cause a problem?

Something else: the error from client side and server has changed. Do you think it's possible that the old certificates I made on my own for my old (10 days) server, which worked for years, could have stayed and put a mess within the internet, the same way as when you change the DNS IP to www.neo.site.eu for example, and this mess makes the openssl dom not recognize the certificate? Because I don't know how it works, but I suppose every time at start up, openssl will compare the site it serves and its certificates to the ones registered somewhere or something like that and make sure everything is in phase.

Well, I will check the sites in the browser now that the server runs properly (even if openssl does not find the certificates) and let you know if something new...

No, it worked correctly - full stop. I had a successful connect on HTTPS with your recently acquired cert.

As for the status, can you update your Apache config to use the files in /etc/letsencrypt/live... again. That's what we want working. The error below shows a different file location

AH00526: Syntax error on line 21 of /etc/httpd/conf.d/2-nuage-le-ssl.conf:
févr. 25 14:29:19 vps-395cf409.vps.ovh.net httpd
SSLCertificateFile: file '/srv/ssl/www.nuage.dennet.eu/fullchain.pem' does not exist or is empty

3 Likes
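
An added example, not posted by anyone in the thread: a shell function that reads the SSLCertificateFile and SSLCertificateKeyFile directives from an Apache config file and reports any path that is missing or empty (the condition named in the AH00526 message above), following the live symlinks to their archive targets. The function name check_ssl_paths is an assumption of this example.

```sh
#!/bin/sh
# Added example: list the certificate and key paths an Apache config
# names and flag the ones that would trigger "does not exist or is empty".
# check_ssl_paths is a hypothetical helper name, not part of httpd or certbot.

# check_ssl_paths CONF
#   prints one line per directive; the return value is the number of
#   paths that are missing or empty (0 means every path is usable).
check_ssl_paths() {
    conf=$1
    bad=0
    while read -r directive path; do
        [ -n "$directive" ] || continue      # no directive on this line
        # Apache accepts quoted and unquoted paths; strip either quote style.
        path=${path%\"}; path=${path#\"}
        path=${path%\'}; path=${path#\'}
        if [ ! -e "$path" ]; then            # also true for a dangling symlink
            echo "MISSING $directive $path"
            bad=$((bad + 1))
        elif [ ! -s "$path" ]; then
            echo "EMPTY   $directive $path"
            bad=$((bad + 1))
        else
            # On Linux the mode shown on a symlink is not used for access
            # checks; what matters is the resolved file and its directories.
            target=$(readlink -f -- "$path")
            echo "OK      $directive $path -> $(ls -ld -- "$target")"
        fi
    done <<EOF
$(grep -Ei '^[[:space:]]*SSLCertificate(Key)?File[[:space:]]' "$conf")
EOF
    return "$bad"
}

# Usage: sh check_ssl_paths.sh /etc/httpd/conf.d/2-nuage-le-ssl.conf
if [ $# -gt 0 ]; then
    check_ssl_paths "$1"
fi
```

Run it as root, since the private key in archive is mode 600 and owned by root.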

What do you mean ? How can you connect to my certificates ?

Do not pay attention to this one, sorry, it is a mistake. These are the certificates I copied and pasted on request from @rg305 (our post just above)

SSLCertificateFile /etc/letsencrypt/live/www.nuage.dennet.eu/fullchain.pem
SSLCertificateKeyFile '/etc/letsencrypt/live/www.nuage.dennet.eu/privkey.pem'

Did you remove it then from your Apache Config? Because that is what was stopping Apache from running. You can see that clearly in the systemctl status results

Anyone who successfully connects to your domain using HTTPS can see your certs. They are exchanged for the HTTPS (SSL) connection. They don't see the private key.

I successfully did one of these connections

3 Likes

The error log now shows connection to the site..... :smiley: Could one of you connect to it? www.nuage.dennet.eu ?

Yes, it is working again. You don't need us to confirm. Use a site like either of the

3 Likes

True it works !!!!!!!!!!!!!!!!!!! :rofl:
How and why it works now ?

Because your Apache config is no longer faulty, is my guess

3 Likes

I had spent several days exploring this config with people on the httpd channel of liberachat. There were several of us looking and looking again in detail.
It makes me have more questions ....

I am very confused. Furthermore, I have the feeling that I made you lose your time. I am really sorry. Believe me, it's more than a week that I have been working on that!

1 Like

But it is really slow compared to what it was before (on the other server with my own certificates). Can it be due to certificates?

No :slight_smile: The certs are only used for HTTPS connections. The slow response even happens for HTTP requests.

3 Likes

I did not check. Well, I don't know how and why it is solved, but for instance it is solved. Thanks all for your help.

1 Like

You might try rebooting your server or restarting your VPS for the performance problem

3 Likes