Apache and letsencrypt ssl

Issues related to applications and software problems and general support
Post Reply
gokihar
Posts: 13
Joined: 2020/05/06 06:47:10

Apache and letsencrypt ssl

Post by gokihar » 2021/04/07 08:52:15

Greetings,
i had nice running apache server and unfortunally I made mistake running certbot.
It changes configuration to use ssl but the way it won't work.
First of all I need to run it on TSL1.2 becouse on 1.3 it shows an error.
Anyway nothing shows anyway and logs shows :
SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?
I just don't get it, I need server how just run - without client needed to do anything.
Anyway - tryed to turn off that ssl and make it go without , changed .conf to *:80 and ssl engine turn off in ssl.conf.
But it do not work.

I would like to make it work the afstest way possible.
Any advices ?

BShT
Posts: 583
Joined: 2019/10/09 12:31:40

Re: Apache and letsencrypt ssl

Post by BShT » 2021/04/07 11:21:20

to disable ssl just comment ssl options at vhost

to enable TLS >= 1.2

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

gokihar
Posts: 13
Joined: 2020/05/06 06:47:10

Re: Apache and letsencrypt ssl

Post by gokihar » 2021/04/08 13:24:58

Thank you.
Turns out that I had a problems 'coz of my opera browser - it shows me information that connection requires cert from me
and everyone else could just see the site without problems on port 80.
Is there any step-by-step walkthrough to set up centos with apache and ssl ?
I did some and theres still problem and it refuses to work for me.
Feels like ssl-like things just hate me.

scottro
Forum Moderator
Posts: 2556
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: Apache and letsencrypt ssl

Post by scottro » 2021/04/08 17:53:27

There are probably hundreds of such guides. Your best bet is to do a web search for something like centos <version> apache ssl. Out of the various results, look for one that seems good to you, as different people learn best by different methods.
New users should check the FAQ and Read Me First pages

Post Reply