Let's Encrypt Cert Install

masonvanmeurs

Dabbler
Joined
Jun 23, 2018
Messages
25
I'm a noob with certificates and web development so bear with me.

I'm running 11.3 and a jail with FreeBSD and Apache. The website works but I want a certificate.
I followed the directions from certbot and here's what I got after step 3:
Screenshot 2021-01-16 175422.png

Now to step 4, and I have no idea how to install the cert. I edited
/usr/local/etc/apache24/extra/httpd-ssl.conf
and modified it like so:
Screenshot 2021-01-16 175917.png

Screenshot 2021-01-16 175943.png


I'm not sure why .pem files are generated from step 3. I would have thought I would have gotten .key or .crt files instead.

Running
Code:
apachectl -t
returns
Screenshot 2021-01-16 180804.png


and restarting apache and trying to connect to the website results in no certificate in my browser. What am I doing wrong?
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
> I would have thought I would have gotten .key or .crt files instead. What am I doing wrong?
The only thing wrong is your expectation--certbot will generate .pem files, but they're interchangeable with .key or .crt--any of them would refer to a PEM-encoded private key or X.509 cert.

Your edits look correct, but I expect there are other changes needed. What exactly is happening?
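
The point above that the extension does not matter, as an added example that is not part of the thread: a POSIX shell check that classifies files by their PEM block labels before they are referenced from Apache's SSLCertificateFile and SSLCertificateKeyFile directives. The function names and sample files are assumptions constructed for illustration, and rejecting a certificate file that also holds a private key is this example's own policy.

```shell
# Print the label of every PEM block in a file, one per line
# (e.g. CERTIFICATE, PRIVATE KEY, RSA PRIVATE KEY).
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1"
}

# Number of certificates in a file (a chain file holds more than one).
cert_count() {
    pem_labels "$1" | grep -c '^CERTIFICATE$' || true
}

# check_pair CERT KEY: succeed only if CERT starts with a certificate and
# holds no private key (this example's policy), and KEY starts with a
# private key. File extensions are never consulted.
check_pair() {
    cert_first=$(pem_labels "$1" | head -n 1)
    key_first=$(pem_labels "$2" | head -n 1)
    if [ "$cert_first" != "CERTIFICATE" ]; then
        echo "$1: expected a certificate, found '${cert_first:-no PEM block}'" >&2
        return 1
    fi
    if pem_labels "$1" | grep -q 'PRIVATE KEY$'; then
        echo "$1: certificate file also contains a private key" >&2
        return 1
    fi
    case "$key_first" in
        "PRIVATE KEY"|"RSA PRIVATE KEY"|"EC PRIVATE KEY") return 0 ;;
    esac
    echo "$2: expected a private key, found '${key_first:-no PEM block}'" >&2
    return 1
}

# Constructed samples: placeholder bodies, not real keys or certificates.
pem_block() {
    printf '%s\n' "-----BEGIN $1-----" "Q09OU1RSVUNURUQ=" "-----END $1-----"
}
make_samples() {
    { pem_block CERTIFICATE; pem_block CERTIFICATE; } > "$1/fullchain.pem"
    pem_block "PRIVATE KEY" > "$1/privkey.pem"
    pem_block CERTIFICATE > "$1/site.crt"
    pem_block "RSA PRIVATE KEY" > "$1/site.key"
}

dir=$(mktemp -d)
make_samples "$dir"
check_pair "$dir/fullchain.pem" "$dir/privkey.pem" && echo "pem pair: ok"
check_pair "$dir/site.crt" "$dir/site.key" && echo "crt/key pair: ok"
check_pair "$dir/privkey.pem" "$dir/fullchain.pem" || echo "swapped pair: rejected"
rm -rf "$dir"
```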
 

masonvanmeurs

Going to the website loads the http non s version with no cert in my browser after I restarted apache
 

danb35

> Going to the website loads the http non s version with no cert in my browser after I restarted apache
Why would you expect it to redirect to https? You didn't put anything in your config (at least, not that you mentioned) to redirect it.

Of course, you could use a webserver like Caddy that handles all this stuff for you.
 

danb35


Really, your question has nothing at all to do with FreeNAS, but I'm sure Google can tell you how to do this with Apache. Or, like I suggested, use a different webserver that handles all this for you.
 