Greetings,
i had nice running apache server and unfortunally I made mistake running certbot.
It changes configuration to use ssl but the way it won't work.
First of all I need to run it on TSL1.2 becouse on 1.3 it shows an error.
Anyway nothing shows anyway and logs shows :
SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?
I just don't get it, I need server how just run - without client needed to do anything.
Anyway - tryed to turn off that ssl and make it go without , changed .conf to *:80 and ssl engine turn off in ssl.conf.
But it do not work.
I would like to make it work the afstest way possible.
Any advices ?
Apache and letsencrypt ssl
Re: Apache and letsencrypt ssl
to disable ssl just comment ssl options at vhost
to enable TLS >= 1.2
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
to enable TLS >= 1.2
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Re: Apache and letsencrypt ssl
Thank you.
Turns out that I had a problems 'coz of my opera browser - it shows me information that connection requires cert from me
and everyone else could just see the site without problems on port 80.
Is there any step-by-step walkthrough to set up centos with apache and ssl ?
I did some and theres still problem and it refuses to work for me.
Feels like ssl-like things just hate me.
Turns out that I had a problems 'coz of my opera browser - it shows me information that connection requires cert from me
and everyone else could just see the site without problems on port 80.
Is there any step-by-step walkthrough to set up centos with apache and ssl ?
I did some and theres still problem and it refuses to work for me.
Feels like ssl-like things just hate me.
Re: Apache and letsencrypt ssl
There are probably hundreds of such guides. Your best bet is to do a web search for something like centos <version> apache ssl. Out of the various results, look for one that seems good to you, as different people learn best by different methods.
New users should check the FAQ and Read Me First pages