Solved the issue. I had to uncomment the ServerName directive in the /ssl.conf
I just tried again, with a fresh rocky install, kernel 4.18 something. same issue. So i guess something changed with Let’s encrypt.
I recently updated to the latest kernel on a fresh Rocky Linux. After installing httpd and snapd to get certbot --apache to work, i generated a SSL cert like in the past. Although, I no longer get a valid ssl cert for the apache server.
Peer’s Certificate issuer is not recognized. HTTP Strict Transport Security: false HTTP Public Key Pinning: false Certificate chain: -----BEGIN CERTIFICATE-----
The cert issuer can not be trusted, therefor I get a security risk warning in firefox, What’s the best way to setup a apache webserver with self signed certbot cert?
The steps I used to install snapd and generate the cert:
# SSL INSTALL SNAPD sudo dnf -y install snapd sudo systemctl start snapd sudo systemctl enable snapd sudo init 6 sudo snap install core; sudo snap refresh core sudo ln -s /var/lib/snapd/snap /snap sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot sudo dnf -y install certbot python3-certbot-apache mod_ssl sudo systemctl restart httpd sudo certbot --apache
Thanks for any hint, ideas.