hello, During long time I haven't pb with let's encrypt. Bur now it's impossible to read my website error ssl of firefox. I make that : Panel ispconfig 3.1 - remove ssl et let encrypt - remove certifcate (delete) mywebsite/ssl remove all files Reinstall let's and ssl Panel ispconfig - SSL and lt's encrypt on - create certificate I saw my certificate mywebsite/ssl I have this demo1.****.org.crt demo1.****.org.csr demo1.****.org.csr.err demo1.****.org.key demo1.****.org.key.org demo1.****.org-le.bundle.err demo1.****.org-le.crt demo1.****.org-le.crt.err demo1.****.org-le.key demo1.****.org-le.key.err demo1.****.org-le.bundle Conclusion : impossible to display a good certificate with https .... error firefox How to resolve that. I tryied some way to resolve this problem. Tk
When I tried with this site ; https://www.sslshopper.com/certificate-key-matcher.html the result openssl x509 -in certificate.crt -text -noout Error opening Certificate certificate.crt 135466022930064:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r') 135466022930064:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load certificate openssl x509 -in certificate.crt -text -noout Error opening Certificate certificate.crt 113444575430288:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r') 113444575430288:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load certificate openssl x509 -noout -modulus -in certificate.crt | openssl md5 Error opening Certificate certificate.crt 116287945483920:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('certificate.crt','r') 116287945483920:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load certificate (stdin)= d41d8cd98f00b204e9800998ecf8427e openssl rsa -noout -modulus -in privateKey.key | openssl md5 Error opening Private Key privateKey.key 118768046360208:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('privateKey.key','r') 118768046360208:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load Private Key (stdin)= d41d8cd98f00b204e9800998ecf8427e openssl req -noout -modulus -in CSR.csr | openssl md5 CSR.csr: No such file or directory 124126015604368:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('CSR.csr','r') 124126015604368:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: (stdin)= d41d8cd98f00b204e9800998ecf8427e
edit log : E325: ATTENTION Trouvé un fichier d'échange nommé ".letsencrypt.log.swp" propriété de : root daté : Thu Jan 19 20:15:06 2017 nom de fichier : /var/log/letsencrypt/letsencrypt.log modifié : OUI nom d'utilisateur : root nom d'hôte : ns304677.ip-94-23-214.eu processus n° : 9785 Lors de l'ouverture du fichier "letsencrypt.log" daté : Sat Jan 21 15:59:02 2017 PLUS RÉCENT que le fichier d'échange ! (1) Un autre programme est peut-être en train d'éditer ce fichier. Si c'est le cas, faites attention à ne pas vous retrouver avec deux versions différentes du même fichier en faisant des modifications. Quittez, ou continuez prudemment. (2) Une session d'édition de ce fichier a planté. Si c'est le cas, utilisez ":recover" ou "vim -r letsencrypt.log" pour récupérer le fichier (voir ":help recovery"). Si vous l'avez déjà fait, effacez le fichier d'échange ".letsencrypt.log.swp" pour éviter ce message. Le fichier d'échange ".letsencrypt.log.swp" existe déjà ! 2017-01-21 14:59:02,274:WARNING:certbot.cli:You are running with an old copy of letsencrypt-auto that does not receive updates, and is less reliable than more recent versions. We recommend upgrading to the latest certbot-auto script, or using native OS packages. 2017-01-21 14:59:02,274EBUG:certbot.clieprecation warning circumstances: /root/.local/share/letsencrypt/bin/letsencrypt / {'LANG': 'fr_FR.UTF-8', 'DERBY_HOME': '/usr/lib/jvm/java-8-oracle/db', 'SHELL': '/bin/sh', 'LANGUAGE': 'fr_FR:fr', 'SHLVL': '3', 'J2SDKDIR': '/usr/lib/jvm/java-8-oracle', 'J2REDIR': '/usr/lib/jvm/java-8-oracle/jre', 'PWD': '/usr/local/ispconfig/server', 'LOGNAME': 'root', 'HOME': '/root', 'PATH': '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-8-oracle/bin:/usr/lib/jvm/java-8-oracle/db/bin:/usr/lib/jvm/java-8-oracle/jre/bin', 'JAVA_HOME': '/usr/lib/jvm/java-8-oracle', '_': '/root/.local/share/letsencrypt/bin/letsencrypt'} 2017-01-21 14:59:02,274EBUG:certbot.main:certbot version: 0.10.1 2017-01-21 14:59:02,274EBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v01.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'demo1.clicshopping.org', '--webroot-path', '/usr/local/ispconfig/interface/acme'] 2017-01-21 14:59:02,275EBUG:certbot.mainiscovered plugins: PluginsRegistry(PluginEntryPoint#standalone,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#webroot,PluginEntryPoint#apache,PluginEntryPoint#null) 2017-01-21 14:59:02,275EBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2017-01-21 14:59:02,278EBUG:certbot.plugins.selection:Single candidate plugin: * webroot Description: Place files in webroot directory Interfaces: IAuthenticator, IPlugin Entry point: webroot = certbot.plugins.webroot:Authenticator Initialized: <certbot.plugins.webroot.Authenticator object at 0x6a1183e89050> Prep: True 2017-01-21 14:59:02,278EBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x6a1183e89050> and installer None 2017-01-21 14:59:02,281EBUG:certbot.mainicked account: <Account(5f1a66aef1ba10f0df010d3fe98eafe9)> 2017-01-21 14:59:02,282EBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. 2017-01-21 14:59:02,285EBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org 2017-01-21 14:59:02,678EBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352 2017-01-21 14:59:02,679EBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 352 Boulder-Request-Id: 4ldS-LerwRmX-KKzUgUxn5Hc2bsVt26Or5NpNuRgrVU Replay-Nonce: lBIPgDvaxkGMlulo1N8WF5wR7qNterkyFqyxSHFwX1Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Sat, 21 Jan 2017 14:59:02 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 21 Jan 2017 14:59:02 GMT Connection: keep-alive { "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change", "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg", } 2017-01-21 14:59:02,700:INFO:certbot.renewal:Cert not yet due for renewal 2017-01-21 14:59:02,700:INFO:certbot.main:Keeping the existing certificate
