This website does not supply ownership information

Help
1

Please fill out the fields below so we can help you better. Note:
you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
https://v2yget13.mylaundrypass.com:8443/

certbot 0.27.0
ubuntu 16.04
tomcat 8

i set up letsencrypt certbot and got the reply

  • Congratulations! Your certificate and chain have been saved at:
    /home/y/0001_chain.pem
    Your cert will expire on 2022-06-07. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot

if i run the site
https://letsdebug.net/
on
https://v2yget13.mylaundrypass.com:8443/
i get
All OK!

but when i log in to the site , i get error

owner : This website does not supply ownership information.
verified by : Not specified
technical Details : Connection not encrypted . the website does not support encryption

2

You haven't installed the certificate you got from Let's Encrypt. You are using a self signed one. (One of the five, more like.)

You have to configure your webserver to use the proper certificate.

What certbot command did you run and what webserver are you running?

1 Like
3

Yes certbot does not configure Tomcat automatically, you need to modify your Tomcat config to use the certificate files. Here is an example config: Mozilla SSL Configuration Generator

This example tomcat guide may also be useful: How to Install Let’s Encrypt SSL with Tomcat – TecAdmin

3 Likes
4

seems like i did not create a pem files but a jks file

the tomcat is configured as

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true" 
		   scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"  keyAlias="v2yget13.mylaundrypass"
       keystoreFile="/home/apache-tomcat-8.5.46/v2yget13.mylaundrypass.jks" keystorePass="XXX"

/>

should i change anything , or start over ?

5

Ok, well if the JKS file is generated using your current Let's Encrypt certificate files then it should be ok. Currently though, your webserver is serving a self signed certificate (one that you or the software made up), if you think this JKS file is correct and was generated using the Let's Encrypt PEM files etc then make sure you have restarted Tomcat to use the latest version of the file.

3 Likes
6

i tried restarting the web server , as well as the machine server ..

so far without success ,

are there any tools i could analyse the jks and csr files ?

7

Why do you need to analyse the JKS file- didn't you create it yourself? If not then that's your problem!

Your JKS file is a container (a key store) containing the private key generated during the certificate creation and the public certificate itself. If you are using this file then you need to create/update it from the latest certificate information. If you don't know how this file came to be then that's the part you need to look at - either replace it with an updated file or switch to just using the pem files as per the example configs above.

4 Likes
8

Ok , i did it in the way specified here

and it worked , thanks

2 Likes
9

You should write a script to do it again once your certificate gets renewed and invoke

certbot renew --cert-name yourcert --deploy-hook "~/path/to/the_script_you_just_wrote.sh"

to make sure the certificate gets installed on renewals, and tomcat knows it has been installed

3 Likes
10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.