Upload Certs manually to server

isladelobos · June 30, 2021, 2:51pm

Hi.

I have two computer, one with the Server Debian and another with Debian and cerbot installed.
Ive generated certs with cerbot and then upload the certs to the Server.

It is possible? for now wen i configure my apache2 files, apache2 always says error with letsencrypt certs.

rg305 · June 30, 2021, 2:59pm

Hi @isladelobos, and welcome to the LE community forum

Please show the error message and include the domain name or URL.

isladelobos · June 30, 2021, 3:17pm

This is from apache2 error log.

[Wed Jun 30 16:13:09.163971 2021] [ssl:emerg] [pid 2635] AH02562: Failed to conf igure certificate unoahi.org:443:0 (with chain), check /etc/ssl/certs-unoahi/000 0_csr-certbot.pem

[Wed Jun 30 16:13:09.164757 2021] [ssl:emerg] [pid 2635] SSL Library Error: erro r:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICA TE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyF ile?

[Wed Jun 30 16:13:09.165042 2021] [ssl:emerg] [pid 2635] SSL Library Error: erro r:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
AH00016: Configuration Failed

isladelobos · June 30, 2021, 3:39pm

I tested with
openssl x509 -noout -modulus -in 0000_csr-certbot.pem

On both computers and the error is same... bad cert file?

I need to generate another?

rg305 · June 30, 2021, 4:00pm

Is that a CSR?

rg305 · June 30, 2021, 4:02pm

Please show:
certbot certificates

Please detail the steps taken to do so.

isladelobos · June 30, 2021, 4:09pm

Certbot certificates

No certs found.

I follow the steps from:

But i generate the certificate only...:

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --apache

Next y pass the two certificates CSR and KEY to the server
Next configure apache2 file.

rg305 · June 30, 2021, 4:32pm

No certs have been generated.

The CSR is not part of the cert; it is used only to generate the public cert.

rg305 · June 30, 2021, 4:33pm

Please redo this step and show the full output:

webprofusion · July 1, 2021, 3:11am

To copy a cert from one machine (with certbot) to another you will need at a minimum to copy the latest :

fullchain.pem (your cert + intermediate certs)
privkey.pem (your private key which goes with that cert and is required to do anything useful with the cert).

You will then need to configure your service to use these files for the SSL settings (this varies by the type of service being configured).

system · July 31, 2021, 3:11am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.