After I run:
certbot --apache
on a Ubuntu 16.06 system, the process finishes with a message telling me the certificate was installed with success:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: klebermota.eti.br
2: www.klebermota.eti.br
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/klebermota.eti.br.conf)
What would you like to do?
-------------------------------------------------------------------------------
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Created an SSL vhost at /etc/apache2/sites-available/000-default-le-ssl.conf
Deploying Certificate for klebermota.eti.br to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf
Deploying Certificate for www.klebermota.eti.br to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf
Please choose whether HTTPS access is required or optional.
-------------------------------------------------------------------------------
1: Easy - Allow both HTTP and HTTPS access to these sites
2: Secure - Make all requests redirect to secure HTTPS access
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Enhancement redirect was already set.
Enhancement redirect was already set.
-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://klebermota.eti.br and
https://www.klebermota.eti.br
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=klebermota.eti.br
https://www.ssllabs.com/ssltest/analyze.html?d=www.klebermota.eti.br
-------------------------------------------------------------------------------
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/klebermota.eti.br/fullchain.pem. Your cert
will expire on 2017-09-09. To obtain a new or tweaked version of
this certificate in the future, simply run certbot again with the
"certonly" option. To non-interactively renew *all* of your
certificates, run "certbot renew"
- Some rewrite rules copied from
/etc/apache2/sites-available/000-default.conf were disabled in the
vhost for your HTTPS site located at
/etc/apache2/sites-available/000-default-le-ssl.conf because they
have the potential to create redirection loops.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
but when I test my site (both urls ‘klebermota.eti.br’ and ‘www.klebermota.eti.br’) in the ssllabs website, I get the error:
Assessment failed: No secure protocols supported
Someone can give a hint of what’s wrong here?