Please fill out the fields below so we can help you better.
My domain is: example.com
I ran this command: service apache2 reload
It produced this output:
- The apache2 configtest failed. Not doing anything.
Output of config test was:
AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/example.com-le-ssl.conf:
SSLCertificateFile: file ‘/etc/letsencrypt/live/joliefanny.com/cert.pem’ does not exist or is empty
Action ‘configtest’ failed. (my apache2 error.log is empty)
My operating system is (include version): Ubuntu 14.04
My web server is (include version): Apache 2.4.7
My hosting provider, if applicable, is: Amazon
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
I assume before you ran the “service apache2 reload” command you ran a certbot command of some sort to obtain a certificate. Can you provide that command, and the result it gave ?
COMMAND : /usr/local/sbin$ ./certbot-auto --apache
Requesting root privileges to run certbot…
/home/ubuntu/.local/share/letsencrypt/bin/letsencrypt --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Then I select : joliefanny.com and www.joliefanny.com in the blue box.
The certbot ran without errors and then :
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/joliefanny.com/fullchain.pem. Your cert will
expire on 2017-03-06. To obtain a new or tweaked version of this
certificate in the future, simply run certbot-auto again with the
"certonly" option. To non-interactively renew all of your
certificates, run “certbot-auto renew”
Can you do a full directory listing in /etc/letsencrypt/live/joliefanny.com/ please ( ls -l … so it includes all files and sizes )
Here is apache2 error.log :
[Tue Dec 06 09:08:59.250240 2016] [ssl:warn] [pid 1574] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue Dec 06 09:08:59.250499 2016] [ssl:warn] [pid 1574] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue Dec 06 09:08:59.251326 2016] [ssl:warn] [pid 1574] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue Dec 06 09:08:59.251381 2016] [mpm_prefork:notice] [pid 1574] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.20 OpenSSL/1.0.1f configured – resuming normal operations
[Tue Dec 06 09:08:59.251388 2016] [core:notice] [pid 1574] AH00094: Command line: ‘/usr/sbin/apache2’
[Tue Dec 06 09:09:05.947595 2016] [mpm_prefork:notice] [pid 1574] AH00171: Graceful restart requested, doing restart
Here is the listing of the directory :
root@ip-172-31-19-213:/etc/letsencrypt/live/joliefanny.com# ls -l
total 0
lrwxrwxrwx 1 root root 38 Dec 6 09:09 cert.pem -> …/…/archive/joliefanny.com/cert4.pem
lrwxrwxrwx 1 root root 39 Dec 6 09:09 chain.pem -> …/…/archive/joliefanny.com/chain4.pem
lrwxrwxrwx 1 root root 43 Dec 6 09:09 fullchain.pem -> …/…/archive/joliefanny.com/fullchain4.pem
lrwxrwxrwx 1 root root 41 Dec 6 09:09 privkey.pem -> …/…/archive/joliefanny.com/privkey4.pem
What is the content of cert.pem (or the file it links to, cert4.pem) ? ( note: the privkey.pem needs to be kept private, but the cert.pem is OK to provide )
Here is the listing of letsencrypt directory :
root@ip-172-31-19-213:/etc/letsencrypt# ls -l
total 28
drwx------ 3 root root 4096 Aug 14 01:02 accounts
drwx------ 3 root root 4096 Aug 14 01:03 archive
drwxr-xr-x 2 root root 4096 Dec 6 09:09 csr
drwx------ 2 root root 4096 Dec 6 09:09 keys
drwxr-xr-x 3 root root 4096 Aug 14 01:03 live
-rw-r–r-- 1 root root 1389 Aug 14 01:02 options-ssl-apache.conf
drwxr-xr-x 2 root root 4096 Dec 6 09:09 renewal
Archive directory have not the same permissions of live directory.
I apply chmod 755 to archive and it work 
Check the permissions of your private key though - that shouldn’t have world read permissions.