Starting at the VERY Beginning

I have had something of a frustrating time, receiving various errors at various times; I’ve had self-signed certificates that worked and didn’t work, and even one successful Let’s Encrypt certificate which stopped working and would then not renew (it is now expired). It doesn’t help that I have searched and can find NO start-to-finish setup list for people trying to set up SSH using Let’s Encrypt; everything seems to assume knowledge of one thing or another; frequently it’s assumed one has used SSH certs before and only needs to learn certbot. So I would like to start at the VERY beginning, walking through EVERY STEP of Apache/SSH/certbot configuration to not only ensure my own success, but hopefully leaving a breadcrumbed roadmap for people in the future who, like me, are only beginning to set up SSL and may have made mistakes with standard Apache configurations.

I have various domains on a CentOS7 server which require certificates, most of which are in different directories on the server. They are currently operating under Apache 2.2.15, standard HTTP on port 80. I have removed all of the <VirtualHost> containers to the conf.d directory (I’m an old guy used to having them all in httpd.conf, so this is a new thing to me).

Before dealing with SSH, I want to make sure my <VirtualHost>s are set up to what certbot expects; since there are many ways to set them up (even some “improper” setups are accepted by Apache), let’s make sure they are all consistent and set up in such a way that certbot won’t have any complaints with those.

So, some formats used:

<VirtualHost *:80> (port only, also seen as <VirtualHost \*:80>)
<VirtualHost> (the IPv4 address of the server)
<VirtualHost> (the IPv4 address of the server w/port)
<VirtualHost www.example.tld> (name of the virtual server)
<VirtualHost www.example.tld:80> (name of the virtual server w/port)
<VirtualHost *:*> (d*mn the torpedoes!)

For the time being, we will assume the DocumentRoot, ServerName, ServerAlias, and container are all correct. And yes, I understand some may be better for niche situations than others, but this is a “standard” server with virtual hosts not spread between machines, each contained in different directories on a single machine.

So which version of the VirtualHost container will cause certbot the least issues?
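One way to run the consistency check the post describes, as an added example that is not part of the original post and not certbot's own code: it scans Apache configuration text and labels each `<VirtualHost>` address with the forms listed above, so mixed styles across conf.d files show up at a glance. The function names, the sample files and the 192.0.2.10 address are constructed for illustration, and the script makes no claim about which form certbot prefers.

```python
import re
from collections import Counter

# Opening <VirtualHost ...> tag at the start of a line, so "#"-commented tags are skipped.
VHOST_OPEN = re.compile(r"^[ \t]*<VirtualHost\b([^>\n]*)>", re.IGNORECASE | re.MULTILINE)
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def classify(addr):
    """Name the form of one <VirtualHost> address argument, using the post's categories."""
    addr = addr.replace("\\*", "*")            # the escaped "\*" spelling means "*"
    host, sep, port = addr.rpartition(":")
    if not sep or addr.endswith("]"):          # no port (also a bare "[IPv6]" literal)
        host, port = addr, ""
    if host == "*":
        if port == "*":
            return "wildcard address and port"
        return "port only" if port else "wildcard address"
    if host.startswith("["):
        kind = "IPv6 address"
    elif IPV4.fullmatch(host):
        kind = "IPv4 address"
    else:
        kind = "name"
    return kind + (" with port" if port else "")

def audit(confs):
    """Return (findings, forms): every address with its form, and a count per form."""
    findings = []
    for filename, text in sorted(confs.items()):
        for match in VHOST_OPEN.finditer(text):
            for addr in match.group(1).split() or [""]:
                form = classify(addr) if addr else "no address"
                findings.append((filename, addr, form))
    return findings, Counter(form for _, _, form in findings)

# Constructed conf.d contents (hypothetical file names), keyed by file name.
SAMPLE = {
    "site-a.conf": "<VirtualHost *:80>\n  ServerName www.example.tld\n</VirtualHost>\n",
    "site-b.conf": "<VirtualHost www.example.tld:80>\n</VirtualHost>\n",
    "site-c.conf": "# <VirtualHost *:*>\n<VirtualHost \\*:80>\n</VirtualHost>\n"
                   "<VirtualHost 192.0.2.10>\n</VirtualHost>\n",
}

if __name__ == "__main__":
    findings, forms = audit(SAMPLE)
    for filename, addr, form in findings:
        print(f"{filename}: <VirtualHost {addr}> -> {form}")
    print("consistent" if len(forms) == 1 else f"mixed forms: {dict(forms)}")
```

To audit a real server, build the `confs` dictionary by reading each file in the conf.d directory and pass it to `audit`.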
