I have a fully updated Arch Linux server running Apache 2.4.23.
In the past I've successfully used StartSSL to enable HTTPS on my Apache web server. But now I'd like to switch to Let's Encrypt.
Using certbot standalone, I've produced these files:
/etc/letsencrypt/live/[my domain]/cert.pem
/etc/letsencrypt/live/[my domain]/chain.pem
/etc/letsencrypt/live/[my domain]/fullchain.pem
/etc/letsencrypt/live/[my domain]/privkey.pem
And here are my Apache SSL directives:
SSLEngine on
SSLCertificateKeyFile /etc/letsencrypt/live/[my domain]/privkey.pem
SSLCertificateFile /etc/letsencrypt/live/[my domain]/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/[my domain]/chain.pem
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always set Strict-Transport-Security "max-age=15768000"
SSLProtocol +TLSv1.2
I double checked that [my domain] is correct, and restarting Apache didn't produce any errors, but trying to reach my server now gives me "Unable to connect" errors from my web browser.
Am I missing something? Thanks!
You only need the following for Apache 2.4:
No need to split it up the way you have done.
Moving onto your cannot connect message. That suggests to me that your server perhaps isn't listening on port:443. Use netstat, or something similar, and verify that Apache is actually listening on :443. You can also test connectivity to :443 on your server with netcat like this:
If that is the case, the logs should be able to tell you more.