My domain is: troymacnaughton.com
I ran this command: sudo certbot run
It produced this output:
Requesting a certificate for troymacnaughton.com
Performing the following challenges:
http-01 challenge for troymacnaughton.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf
Enabling site /etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf by adding Include to root configuration
Enhancement redirect was already set.
Congratulations! You have successfully enabled https://troymacnaughton.com
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/troymacnaughton.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/troymacnaughton.com/privkey.pem
Your cert will expire on 2021-03-02. To obtain a new or tweaked
I restarted apache but got
So then my notes say to also run (which I think is wrong because I just did this) sudo snap run certbot -d troymacnaughton.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
ssl_module is statically linked but --apache-bin is missing; not disabling session tickets.
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/troymacnaughton.com.conf)
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Deploying Certificate to VirtualHost /etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf
Enhancement redirect was already set.
Congratulations! You have successfully enabled https://troymacnaughton.com
So then my notes say to run sudo snap run certbot -d www.troymacnaughton.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
ssl_module is statically linked but --apache-bin is missing; not disabling session tickets.
Plugins selected: Authenticator apache, Installer apache
Requesting a certificate for www.troymacnaughton.com
Performing the following challenges:
http-01 challenge for www.troymacnaughton.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/httpd/conf.d/troymacnaughton.com-le-ssl.conf
Enhancement redirect was already set.
Congratulations! You have successfully enabled https://www.troymacnaughton.com
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/www.troymacnaughton.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/www.troymacnaughton.com/privkey.pem
restarted apached cleared cache, opened incogneto browser still got Warning: Potential Security Risk Ahead.
This is my virtual host file
[orca@orcacomputers conf.d]$ cat troymacnaughton.com.conf
<VirtualHost *:80>
ServerName troymacnaughton.com
ServerAlias www.troymacnaughton.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/troymacnaughton.com/public_html
ErrorLog /var/log/httpd/troymacnaughton.com-error.log
CustomLog /var/log/httpd/troymacnaughton.com-access.log combined
<Directory "/var/www/troymacnaughton.com/public_html">
AllowOverride None
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.troymacnaughton.com [OR]
RewriteCond %{SERVER_NAME} =troymacnaughton.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
I then ran sudo certbot run again and see
47: troymacnaughton.com
48: www.troymacnaughton.com
But haven't made any selection.
Before launching certbot I loaded troymacnaughton.com and got the apache picture so webserver is working.
My web server is (include version): Server version: Apache/2.4.6 (CentOS)
The operating system my web server runs on is (include version): CentOS7
My hosting provider, if applicable, is: Godaddy
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.10.0