![\":cry:\"](\"https:\/\/cdn-enterprise.discourse.org\/letsencrypt\/images\/emoji\/emoji_one\/cry.png?v=3\" "\\":cry:\\"")
)<\/p>\nSolution:<\/p>\n
Here is what I had to do – much of it is similar to getting the “starter” Apache 2 SSL set up<\/p>\n
- \n
- You need to create the self-signed certificates first (e.g. “sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/apache-selfsigned.key -out \/etc\/ssl\/certs\/apache-selfsigned.crt”)<\/li>\n
- Once that is done, you need to create the SSL vhost files (assuming you are using virtual hosts – I am) using the self-signed certificates. You can (I did, at least) use the same self-signed certificate for each vhost. The important thing to note here is that letsencrypt must have apache running ssl already. It will not work if apache is not up and\/or there are no ssl sites. (This drove me mad for a couple of hours!)<\/li>\n
- Once this is done you can back up your \/etc\/letsencrypt directory (you could probably blow it away but you are probably paranoid now
![\":slight_smile:\"](\"https:\/\/cdn-enterprise.discourse.org\/letsencrypt\/images\/emoji\/emoji_one\/slight_smile.png?v=3\" "\\":slight_smile:\\"")
)<\/li>\n - Restart apache (e.g., apache2ctl restart – by this time I will terminate with extreme prejustice
![\":imp:\"](\"https:\/\/cdn-enterprise.discourse.org\/letsencrypt\/images\/emoji\/emoji_one\/imp.png?v=3\" "\\":imp:\\"")
)<\/li>\n - Check to see if your sites are up and running. Your web browser probably will give you an insecure warning. That is okay – we will be putting real certificates in place; you just need to ensure that apache is working with ssl.<\/li>\n
- Run letsencrypt –apache ya-da, ya-da, ya-da<\/li>\n
- You might have to restart apache manually after it finishes but that’s okay<\/li>\n<\/ul>\n
Now, don’t forget to:
\n1. Back up you letsencrypt directory (I am really paranoid now![\":confounded:\"](\"https:\/\/cdn-enterprise.discourse.org\/letsencrypt\/images\/emoji\/emoji_one\/confounded.png?v=3\" "\\":confounded:\\"")
)
\n2. Back up your apache config files (Yes, I am really paranoid now)<\/p>\nOne more thing:<\/p>\n
- \n
- Make sure that the renewals are working (e.g., letsencrypt renew)<\/li>\n
- Put that in your cron jobs so that it renews each month<\/li>\n<\/ul>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Problem: I moved servers – copying the Apache configuration and \/etc\/letsencrypt to the new server. Everything went well but now when I have to renew I cannot. I get all types of errors.\u00a0(Yes, I KNOW that I did a really … Continue reading