Set up HTTPS on apache2 without buying a domain name

Obtaining a new certificate Performing the following challenges: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

Answers

The automated certbot --apache mode may not be working since your site's URL does not exactly match the root directory you are using in Apache.

One option is to manually specify the domain name that will be used for the certificate as well as the web server's root directory.

certbot certonly --webroot -w /var/www/html/www.mysite.ddns.net/www/ -d mysite.ddns.net

This command uses /var/www/html/www.mysite.ddns.net/www/ as your web server's root directory. Certbot will place temporary files (unique to your domain name) there in a directory by the name .well_known and will then attempt to read those files at http://mysite.ddns.net/.well_known. If it finds these files, you will be granted a certificate.

The certificate files will be placed in /etc/letsencrypt/live/mysite.ddns.net/.

To configure Apache to use these certificates, you can add them to your Apache site config with the following:

SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.ddns.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/mysite.ddns.net/fullchain.pem

Make sure to also run a2enmod ssl to ensure that the SSL module for Apache is enabled.

There are also some more Certbot examples to look at in the user guide.

clcain

Posted 2018-04-03T14:11:18.923

Reputation: 73

Can you use the -certonly option and then manually configure Apache to use the certificate? – ivanivan – 2018-04-03T14:34:05.427

@ivanivan I imagine that I can, but how? Something like: sudo certbot -certonly? This is what I obtain: certbot: error: File not found: ertonly – Timmy – 2018-04-03T15:50:47.693