The CA Root Certificate Is Not Trusted


#1

I am posting here because I am not certain about why I am encountering this error. I am new to Let’s Encrypt, and have been scouring topics all day long on what could be causing this “The CA Root Certificate Is Not Trusted” Here is my setup. I have a server with a bunch of sites…on a VPS running Apache 2.4 (Centos 6.9). The site is awomanstouchmd.com or awomanstouchmd.adfxcreativitythatworks.com. I tried issuing certificates for both of those, but neither one works. The certificate path has fullchain.pem files. The private key path has privkey.pem files. Looks like the certificates were issued, but I have something wrong in terms of configuration. Can someone please help?


#2

Hi @jfouts1979

your first website has a self signed certificate. But you have created a Letsencrypt-certificate today.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:awomanstouchmd.com&lu=cert_search

Same with your second domain:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:awomanstouchmd.adfxcreativitythatworks.com&lu=cert_search

is the correct certificate.

So you have them, but don’t use them.

Did you restart / reload your server?


#3

Restarted - reloaded - same problem (no change).


#4

Then please answer all these questions (shown first post): Tool, command, configuration.

Certbot certificates

to see your certificates. And your configuration file (Apache or nginx), there you have to use the files shown with certbot certificates


#5

Centos 6.9
Apache 2.4
On a VPS through HostGator
Found the following certs:
Certificate Name: awomanstouchmd.adfxcreativitythatworks.com
Domains: awomanstouchmd.adfxcreativitythatworks.com
Expiry Date: 2018-11-28 15:46:30+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/awomanstouchmd.adfxcreativitythatworks.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/awomanstouchmd.adfxcreativitythatworks.com/privkey.pem
Certificate Name: awomanstouchmd.com
Domains: awomanstouchmd.com
Expiry Date: 2018-11-28 15:09:12+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/awomanstouchmd.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/awomanstouchmd.com/privkey.pem
Not sure exactly what you need to see in the configuration file?


#6

Hi,

Can you please check your Apache virtual host folder?

There should be a list of virtual hosts (including the TLS ones)

Edit the TLS virtual host for domain https://awomanstouchmd.com and set certificate path to the correct ones.

Thank you


#7

You have to use these paths

in your apache-configuration. There must be a ssl-section, there is the current, self signed certificate

https://awomanstouchmd.adfxcreativitythatworks.com/

used. Same with the other domain.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.