Control Web Panel

WebPanel => SSL => Topic started by: ahmed on February 13, 2017, 10:29:08 PM

Title: i installed letsencrypt without www now with www browser says bad certificate
Post by: ahmed on February 13, 2017, 10:29:08 PM
i installed letsencrypt without www now when i visit my website with www.example.com from browser it says bad certificate

how do i edit this to fix is there a way i can edit this or delete certificate and add certificate again by checkmarking www
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: ahmed on February 14, 2017, 06:56:37 AM
i edited letsencrypt configuaration by adding www in the end
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: Sandeep on February 14, 2017, 07:53:46 AM
uninstall letsencrypt and install it again then try to issue the certs with www checkbox enabled
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: TheRavenKing on February 14, 2017, 02:11:32 PM
I had same, forgot also to tick the www, but I can't find out hw to delete the ssl to generate again with the www. can any one give some directions in how to do this?  Thanks.
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: Sandeep on February 14, 2017, 02:52:15 PM
you need to manually remove the certs or uninstall LE and reinstall
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: TheRavenKing on February 14, 2017, 03:59:57 PM
Thanks,

For anyone coming here, the easiest way is to remove the entries and the files/folders.

Remove codeblock for domain [vhost....:
/usr/local/cwp/.conf/letsencrypt.conf

Remove the row with the domain in:
/usr/local/apache/conf.d/vhosts-ssl-letsencrypt.conf

Remove folders:
/home/user/public_html/.well-known
/etc/letsencrypt/archive/domain
/etc/letsencrypt/live/domain
/etc/letsencrypt/renewal/domain

Don't restart Apache, go straight back in Letsencrypt and issue again, this time tick the box WWW  :-)

check for proper working
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: ahmed on February 17, 2017, 01:27:33 PM
the easiest way is to click on right box of letsencrypt where it shows 2 links and add single line to it for adding www and it works.

note : you can get the single line of www by adding new ssl to another domain by checkmarking www and it will show the new line in right box one of 2 configuaration files.

It is the easiest one.
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: TheRavenKing on February 17, 2017, 01:44:55 PM
@ahmed, can you give more step by step details I just can't find what you try to explain, sorry.
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: ahmed on February 20, 2017, 08:53:21 AM
In menu click on apache settings

then

click on letsencrypt manager

then

on right side in a box on a page which opened when you clicked on letsencrypt manager just look for

Letsencrypt Configuration
Configuration files:
- CWP Configuration
- Apache Configuration

* Still under beta, report any issue here.

then click on - CWP Configuration

and you will find line like

:example.com:user:/home/user/public_html:test@example.com:127.0.0.1:443:

just add in the line

:example.com:user:/home/user/public_html:test@example.com:127.0.0.1:443:www

Save and visit your website

make sure you added redirect to https:// in vhosts

Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: TheRavenKing on February 20, 2017, 09:47:08 AM
Thank you,  yes I tried that, but it didn't work out for me, hence I came with other solution.
Title: Re: i installed letsencrypt without www now with www browser says bad certificate
Post by: locvfx on February 24, 2017, 07:33:33 AM
This is an example of the code block (replace USERNAME YOUR_DOMAIN, YOUR_SERVER_IP accordingly)

Quote
# vhost_start YOUR_DOMAIN.com
<VirtualHost YOUR_SERVER_IP:443>
 ServerName YOUR_DOMAIN.com
 ServerAlias www.YOUR_DOMAIN.com
 DocumentRoot /home/USERNAME/public_html
 SSLEngine on
 SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
 SSLProtocol All -SSLv2 -SSLv3

# SSLCertificateFile /etc/pki/tls/certs/YOUR_DOMAIN.com.cert
#SSLCertificateKeyFile /etc/pki/tls/private/YOUR_DOMAIN.com.key
# SSLCertificateChainFile /etc/pki/tls/certs/YOUR_DOMAIN.com.bundle

##Prevent Warning of Browser
SSLCertificateFile /etc/letsencrypt/live/www.YOUR_DOMAIN.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.YOUR_DOMAIN.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.YOUR_DOMAIN.com/chain.pem
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_suexec.c>
    SuexecUserGroup USERNAME USERNAME
</IfModule>

<IfModule mod_suphp.c>
    suPHP_UserGroup USERNAME USERNAME
    suPHP_ConfigPath /home/USERNAME
</IfModule>

<Directory "/home/USERNAME/public_html">
    AllowOverride All
</Directory>
</VirtualHost>
# vhost_end YOUR_DOMAIN.com


As you can see , ##Prevent Warning of Browser. This is a quick fix to get risk of warning from browser
Make sure these files are exist:
/etc/letsencrypt/live/www.YOUR_DOMAIN.com/cert.pem
/etc/letsencrypt/live/www.YOUR_DOMAIN.com/privkey.pem
/etc/letsencrypt/live/www.YOUR_DOMAIN.com/chain.pem