[UPDATE]
Solved the issue. I had to uncomment the ServerName directive in the /ssl.conf
[UPDATE]
I just tried again, with a fresh rocky install, kernel 4.18 something. same issue. So i guess something changed with Let’s encrypt.
–
I recently updated to the latest kernel on a fresh Rocky Linux. After installing httpd and snapd to get certbot --apache to work, i generated a SSL cert like in the past. Although, I no longer get a valid ssl cert for the apache server.
Why?
Peer’s Certificate issuer is not recognized.
HTTP Strict Transport Security: false
HTTP Public Key Pinning: false
Certificate chain:
-----BEGIN CERTIFICATE-----
The cert issuer can not be trusted, therefor I get a security risk warning in firefox, What’s the best way to setup a apache webserver with self signed certbot cert?
The steps I used to install snapd and generate the cert:
# SSL INSTALL SNAPD
sudo dnf -y install snapd
sudo systemctl start snapd
sudo systemctl enable snapd
sudo init 6
sudo snap install core; sudo snap refresh core
sudo ln -s /var/lib/snapd/snap /snap
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo dnf -y install certbot python3-certbot-apache mod_ssl
sudo systemctl restart httpd
sudo certbot --apache
Thanks for any hint, ideas.