TE that with Let's Encrypt, it's now possible for me to generate a free SSL cert for CarolinaCustom rather than paying for one thru rapidssl. Here is the website that I used to guide me thru this certificate generation: https://www.getssl.in/letsencrypt/ The following were the usual commands that I formerly used to generate a cert thru rapidssl. openssl genrsa -des3 -out carolinacustom.key 2048 openssl req -new -key carolinacustom.key -out carolinacustom.csr But now, here are the commands for the new Let's Encypt certification (4096 bit now instead of 2048) ---------------------------------------------------------------------------------------------------- Step 1: Account Info ---------------------------------------------------------------------------------------------------- How to generate a new account keypair using openssl: Generate an account private key if you don't have one: (KEEP ACCOUNT.KEY SECRET!) openssl genrsa 4096 > account.key Print your public key: openssl rsa -in account.key -pubout Copy and paste the public key into the box below. -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtZPRq8MAopp9yEkH5/IQ oi4vPjMcZGP2XcBo6jmhNcksNUtJBXuCTPPWqtUpLMsvUjPrw7tgpGb2nE9/aV1D 5HIhebp0v0/I1kRWqKZE7kyCnyZIWA/cVwbVaenUemXAxA+qSQCsXG/raX4Y/T/n fbcCE8tjcZkJEQr1l1SUS6by9099VQ77IP/HqZ0NDYGm2LUlQZyhGXjQ+gNl86PN r3u39Ch73f5kkfemSkfaLaReCqN9/jZVtfnU+9ZG8rEDcEJDY5BNEIRG5EsFpkjM Z0OovGa3jXd/0Fg1fydBfd8ZQkIWg4NUXxln/TQtdx7DHy7SZ3yWkWNueoY2lkaQ 95rTp1/SlwWSKP1JR2SFax4rD8n6sszwE2nk02oNY+JU/dcvfRGWwghD4vvGxmVj FCleKU0/ZdYzh+SwrAU1zLhKLwyOuaBNIxmGQCzeCchvamqDk88960LMMubCAfKT J/WaHVkF6dKaK+kMZt9XaMwukmQl3AZ0T2y2UFTIAzlguf7udhQoItf6+wJ4U2DW BieSQYxxmwyEKJhJN37pZWj2qjgj2OJwLmH+ZUIY9CdosNg4UDZxHmXpt2yKwTY3 NEZCnCqbVHm7qdVu5eiZiE37+Q1aa5b+NTA/OSnG3eNJGT/OXQC5B3sz17W1HR5P MEd+vNVt82dgXRMj0YJuJSMCAwEAAQ== -----END PUBLIC KEY----- ---------------------------------------------------------------------------------------------------- Step 2: Certificate Signing Request ---------------------------------------------------------------------------------------------------- How to generate a new Certificate Signing Request (CSR): Generate a TLS private key if you don't have one: (KEEP DOMAIN.KEY SECRET!) openssl genrsa 4096 > domain.key Generate a CSR for your the domains you want certs for: (replace "foo.com" with your domain) Linux: #change "/etc/ssl/openssl.cnf" as needed: # Debian: /etc/ssl/openssl.cnf # RHEL and CentOS: /etc/pki/tls/openssl.cnf # Mac OSX: /System/Library/OpenSSL/openssl.cnf openssl req -new -sha256 -key domain.key -subj "/" \ -reqexts SAN -config <(cat /etc/ssl/openssl.cnf \ <(printf "\n[SAN]\nsubjectAltName=DNS:foo.com,DNS:www.foo.com")) Copy and paste the CSR into the box below. NOTE that for this step, if I paste the command provided above, then I will get an error about a "missing re-direct" The way around that is just to enter the command: openssl req -new -sha256 -key domain.key and then just answer the questions interactively instead of having them piped in form redirects. -----BEGIN CERTIFICATE REQUEST----- MIIE8jCCAtoCAQAwgawxCzAJBgNVBAYTAlVTMRcwFQYDVQQIDA5Ob3J0aCBDYXJv bGluYTEQMA4GA1UEBwwHQ2xpbnRvbjEYMBYGA1UECgwPQ2Fyb2xpbmEgQ3VzdG9t MRQwEgYDVQQLDAtFbmdpbmVlcmluZzEfMB0GA1UEAwwWd3d3LmNhcm9saW5hY3Vz dG9tLmNvbTEhMB8GCSqGSIb3DQEJARYSc2NkZW1hcmNAeWFob28uY29tMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAv/B8PTJm2CVUYg35wNC+cW8LD2Or rGReonVKHAK6wMeivIklP4z9OC1/1olVzanzXkVElHICzwqng5eBcTefzXzr79z8 kL0Vdwj4zDTtIICugcTp7g5IASu7bkHMV4wW73h9HvxxlQ9PfaQdLxe/Gaic9DCN kOz8vz/xHZsUrSGiwjcA/rvv+3Ob7dEyDCasOhxqakmvZo1c8I/KyMyQzRVpPeX0 j5Ubv7V2A4au3ardVRst6Qdg0TdMPTl3Bf5oCXEmpwf4F8wxn5GyzZRtkGUyEKeq WMSWyfRaagI2Wob1hOhG2B0qwMrJy69eoXYzfNR/zDucYfWLwXTBHHaeYVLV6mwC QLfLM8zcC4woQx1s4BfN+/HooMlNWah4dDBBVRujNVqlWhaY8YA7+GVREKTQZVUz MxsiXZp5tUa5Y3zScNwy9uZE+BtttknNKVi3goPu6dzOZoiY4TwuXcJ8nBiQ270C /c4nprBTduJfaBDSzp8lbnJ4NPDqnUsSHbQpT10ewy6cDdw5dyzo56dBf3M71hql HdvbRm7S7AcWmHKNUNL7hsI5djmubddAu9BGtuz/4c++D84eDCCGOtfPPb3cwFBG 6LWYmdTJBq8gA+1qRE4qAzySC007nywC7ZVjnvcIEaqir/DKRATElL/vjjfMTRw/ epmZEJ+AAZYevIcCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQBZnRzpjbxscgPB MTB/N2QPlCSVL3VAlAHtKSXuItFypNI+G1JFD/eyYKWnfrPHPVtL6pHvpDw3yX3P 2THDK/RuP8vMzX7tUV1Xgo5y8uWEsvi0V9xmnM4QKpWtl3Vc8mZLuZTTxD7iRgzm 8FTv1FmxN55UDvH1hKgPKL/WfGHY/3fLkSSsnICrz8sZi0UY+TzCs5wygVJjt3qV Os2VcywqlszcP69e4MEaymTCNq9hpfv2z3js4b1z1y6YxMBZh9SaeeUV4MqfY2Wf XxMGxNvWOyfcBWSeR9B19u0kp0nL6xyhHUf2TFyE+J3oSs9P0BID2wKYvBjS2xS5 CQJishPyvD5EgLEdkrby/8fxk5i3r3m2lDtYd7uy521Ko8wHyYiUbV6EOigy0Wfy Z7QvEcWWfgjFOMtg6Z18mt14M/i8n7La8IotmdCatlk0qwDxtvbeiz72D+ITF7ke TaT+P7ctT4ZKALY5H0w18E1Tfu3FDFy98AtGKPvmccEpmaqqomccR1VKEdKp7C67 MzfbJEJUZnqucnvMP6VkUHNUC5R/Zp5hNfIgUcftlmqt3edwSQAmp8aAwkynQmeA ZfpDRvkqusABauhCzEWuCKd3QGyAbsgaqwMGrHoKI1BtNEd1N2E8BlF6o0/QquXH VWVJXCYErCnTVM1yGsG1qXjhW92vkw== -----END CERTIFICATE REQUEST----- ---------------------------------------------------------------------------------------------------- Step 3: Sign API Requests (waiting...) ---------------------------------------------------------------------------------------------------- ACCEPT_TERMS: setenv PRIV_KEY ./account.key echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJPMWdpSjRlZkp5VTlwNFZYRW9PZGN0bzMwQkVKVFlSZHJ0blpQYXd1cVFxaUFFaWIxTXMiLCJqd2siOnsiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoidFpQUnE4TUFvcHA5eUVrSDVfSVFvaTR2UGpNY1pHUDJYY0JvNmptaE5ja3NOVXRKQlh1Q1RQUFdxdFVwTE1zdlVqUHJ3N3RncEdiMm5FOV9hVjFENUhJaGVicDB2MF9JMWtSV3FLWkU3a3lDbnlaSVdBX2NWd2JWYWVuVWVtWEF4QS1xU1FDc1hHX3JhWDRZX1RfbmZiY0NFOHRqY1prSkVRcjFsMVNVUzZieTkwOTlWUTc3SVBfSHFaME5EWUdtMkxVbFFaeWhHWGpRLWdObDg2UE5yM3UzOUNoNzNmNWtrZmVtU2tmYUxhUmVDcU45X2paVnRmblUtOVpHOHJFRGNFSkRZNUJORUlSRzVFc0Zwa2pNWjBPb3ZHYTNqWGRfMEZnMWZ5ZEJmZDhaUWtJV2c0TlVYeGxuX1RRdGR4N0RIeTdTWjN5V2tXTnVlb1kybGthUTk1clRwMV9TbHdXU0tQMUpSMlNGYXg0ckQ4bjZzc3p3RTJuazAyb05ZLUpVX2RjdmZSR1d3Z2hENHZ2R3htVmpGQ2xlS1UwX1pkWXpoLVN3ckFVMXpMaEtMd3lPdWFCTkl4bUdRQ3plQ2NodmFtcURrODg5NjBMTU11YkNBZktUSl9XYUhWa0Y2ZEthSy1rTVp0OVhhTXd1a21RbDNBWjBUMnkyVUZUSUF6bGd1Zjd1ZGhRb0l0ZjYtd0o0VTJEV0JpZVNRWXh4bXd5RUtKaEpOMzdwWldqMnFqZ2oyT0p3TG1ILVpVSVk5Q2Rvc05nNFVEWnhIbVhwdDJ5S3dUWTNORVpDbkNxYlZIbTdxZFZ1NWVpWmlFMzctUTFhYTViLU5UQV9PU25HM2VOSkdUX09YUUM1QjNzejE3VzFIUjVQTUVkLXZOVnQ4MmRnWFJNajBZSnVKU00ifX0.eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 2c22481d14ddd3ca476d8f691049c3278f988df98c287b6538b70f10e8fcb28a1abe586868cdd3ceaaf470724d6ad864744c7cc6fae4d909ffe7ff91f40de9d97fbb4da95e42151f76eecc7a0efabac35603f5ec7248bbd3dab013ad914a28dea229d419745c1d8f33060c95a1d5f3dab9ae95430b3796933ceb7e00293d3924a7d387116180e920489ae15c724d6f89af72ee1b78727f4897e8ed009c2428dcf4d5ed937bbe16358a007e73798c0551648cbd755caf7816f430f39ecb0fb9fd137bc620d91ecedbb4b5df9042976af21ad2dde492af3c1bd599166003fc4c09271c2b9cbbd5c2ec42c9c9d2ff3b1f88c5c48f6dfcd7429e877ed8761430bb2abdbfc2924880d1900dc67d79c70f9c46fa96c9ab1e77afbf069ed9884e1c60cfffea2e16a81580264319b26784bb642e16533670ff913eb955c96a3a19af66fd9cd1686cba21f679460da7881c461e0bb3e9f8cfc9cd3b06797223d237e7a7354ed1f2a1533cc84622ca8cfe66d2a036360d4aece6bbf0b022bb870e756dc69c70ee27d4e8cbb1dc3e609c9ec210536132e470610390716c679c92800806249e33b0ba8111f82f5460d0cedd14333dbf4edcd410058575558a3f095bdc1a4964a19b3da2d4e95f13264a5cb76019253df268308b94df6390c8c6fe27b7ca631e983715561ae6b608b3168f24eebebcf192d79cd36748f40c2e93bc6768234c15 echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE2Mjc2NjA5OTciLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiVFZxaU1QaGZxdlNQbjVWMzNwd3hZNkNVQm9BNDhfR0IwX2JCbmZ2MnVYMWpDckU4M0djIiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjI3NjYwOTk3In0.eyJjb250YWN0IjpbIm1haWx0bzpzY2RlbWFyY0B5YWhvby5jb20iXX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 2ac8222c071a8ab72b8f8b701b5d9318f8d1de32c18f34565b3a81524ffb7b7ec06a636455c50c4d8b8270aa929bbee5b87fb969f1fea3815049921cc677d25cb1af3c80d71d9f01733c3783f1b333397ffbc9ac011a69100d0c77d1451d59cadf87e76ca38db5463ef45623521e9d6e45657deedafee24f31149f92246de13517e934a6b642b0bae827c32ed1239ea4980832994b29a8fb31e562331c40437b8d01f00353947a1a409fc81c21370338f5d5f0250e96c3a90dc8b3b18625ea07af2ae4e7c26b1c05224a8bc937ac4bbab8f15ac31f802f5d3cb4ce208f1330e833dbc26f345c2f706a0d43300671fbe4b3b19665dfe4ca9db8d4739f84d14bb5e9a77cf851bf74d4f58ffd44aa6dce2fdbb1e67e20c20b8f6d58521025c89af64385d014a6d157f1cadb51e5b5572cc1e407e4b11dbae8a0fabf2c2dbbffb11c60098d614382a83c2d26acc4966c8c93cf4489cc36da88e6a7c6ac18590a26d7772c261ce8084ca37d806053af855d2445ef5582858763b72f8d06bf45f5ed34375809aad1e4aaf484db6ad96f68cc1bac3c6edf87365c4be066c7c138f2192ad889e603f8d6d712adc872e3176d9804ed539e211311582a2bae526a25b5b0ac3e6a9267ddc375d37a00b2379823cd3ace16352d9c3a25a3626e8cead41aeed8d012816ecc585e4e2b2bb2b5443f53be7feb10f0e9eaee14b10a7a25a9e58785 echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiTzFnaUo0ZWZnb2F2dmRiV1NEbzdpcjhIeXMzQWNHLUd3TG5wYWc4Q2REVzJjeWRUcVlBIiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjI3NjYwOTk3In0.eyJpZGVudGlmaWVycyI6W3sidHlwZSI6ImRucyIsInZhbHVlIjoid3d3LmNhcm9saW5hY3VzdG9tLmNvbSJ9XX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 6192810064abc25e7ea0bfcc7d0072446ed3c88116ac3b6a7361c587b30823bdf481d8d27992a1898b58b00e9839c7667e84be9456b41b254117404faf7d9095485b6d11e2503a00ae5bfbd280507d421b549237a33bef61efd93f16c05faee77a1c33ab8cb54ba6b8b45ee8782a73d36ed56470395140bb51987a64e26040c27130d93cb765ad0674f16dc3718486f0acb35dd9f9e7dc8626694b525e49e97dd1516c312964b8ccd2e4bc33a0c4c6f76f68a49afe25819ed641485adc8e9d8e8b54cbb1fc8a9100213ee076086a4f845f68793621474fd002b9b44f9b06452135b2daef8088928a3cc673441737f58ea11cdbcccb436c5530ebe173ce04c7cf0030d422dd466e170adf0515adf108349ebcf45106e5cb06106f794f7018f3877144a4f6fb3c0d983047f31525fbe0ddc0a1cd7310c8b643eae358e1c420d0557769072705b2d235f0091433567027119a9abfee672f3de902d5147eceacd11ff15ba6a75af8bfd3af0683902da1d0a07a9174340f5282d1ebac695ed0208048f6e94060a9f6724015c26883c9f9497248a3090e730aa84ba402df585fdba1372b73d1b4106d356ee20200631ab272e19f073bdf26529cca813f77712f8ef3b250762cf4eecd7ccb1b95cc1b53b296c85011dd1946efe2ef6eefad69392a577222b0a8e1aafe8a671f21663e493c51e5ab5e390135d8f0cfa608cf5812c1b515 ---------------------------------------------------------------------------------------------------- Step 4: Verify Ownership (waiting...) ---------------------------------------------------------------------------------------------------- python2 -c "import BaseHTTPServer; h = BaseHTTPServer.BaseHTTPRequestHandler; h.do_GET = lambda r: r.send_response(200) or r.end_headers() or r.wfile.write('p-2boCx851U-U-ZR2YtER1jyBqjT6RrLIMhGLRIIU7U.VTQcNQwVCdr32_-c1m-4gqEourZ8QOYBxp9BdlwBeAQ'); s = BaseHTTPServer.HTTPServer(('0.0.0.0', 80), h); s.serve_forever()" PLEASE NOTE: to avoid getting this error: Traceback (most recent call last): File "", line 1, in ? File "/usr/lib/python2.4/SocketServer.py", line 330, in __init__ self.server_bind() File "/usr/lib/python2.4/BaseHTTPServer.py", line 101, in server_bind SocketServer.TCPServer.server_bind(self) File "/usr/lib/python2.4/SocketServer.py", line 341, in server_bind self.socket.bind(self.server_address) File "", line 1, in bind socket.error: (98, 'Address already in use') It is necessary to su to root and stop the apache webserver with "astop" SIGN CHALLENGE COMMAND: echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zMjgzODgxMzIyMTcvZVlRVEJ3IiwiYWxnIjoiUlMyNTYiLCJub25jZSI6IlRWcWlNUGhmUWY0R19GRERXc08zelFNVUREbUZhZU9SMUVzT2NCQkIzcUJQSHlvOXdTdyIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYyNzY2MDk5NyJ9.e30" | openssl dgst -sha256 -hex -sign $PRIV_KEY b420e09143c53a784fcee0a9d25616f88ed2513933b99acb7681b3b2f5738b0956373bead2e3add1e04701b9548591f6a88a4492249b9cda86bb33bbc986d847c8cfb8863a39e5718208ee8952cffb85c58f02991f689b1830f21c867b7bb333785f5bf4e8acfb36053d395e55c01fad1e6467c2d2a4ebf70df1041322dcacf7f6161de261683884c1d53d4a8e30c03560ec516723c833ff9b92077ba8bc128d6c81c5a516baef232e1a2fd61462563a7a5c34160cc7d901a31671861ad090575d888131d791340e8ce20ee8867432a169c2665933a0f80e1e9f85d825077a2f8df5239c08f29ac4a4a119502f0c967bd2943b683c33576e8dced124d96e855a99942f61136f2db6ba76066649be1f8934ed52c6e4126b81d028ede0b45771a7c61795851a8c16638ecedf5921c015c0baa91a92ea344628669196a14be29c6751d619d0378eab0e57c96d5206ea4c538d0f107f465a806496139ec1140063e3cbb478638f4da1f9abf2129395a5e321cba2395070268c990de380aea2a943816522ad2148685d56211cb4b3cfd3f20a11b4a51426101c5e1993914c34b9b507ecf1abd7cc2cdacdd40678256e06f836a10ea851e2d452b18db83729a49ea7169e11a0f311de1d27ba057262ffdafa0a6f783fa98773694aa7b43f8546d48cf1431dae11c22c54121371a9200ac3e1be75569c2150d2b4b118e798283ea6cd7a FINALIZE ORDER: echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS8xNjI3NjYwOTk3LzI1Mzc5NTM1MzUzNyIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJUVnFpTVBoZndfVjJtalRvY19XcHNKc0JRdXFjVkVNVFJlR2p4bDdLNHFfaGFvam16YVUiLCJraWQiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE2Mjc2NjA5OTcifQ.eyJjc3IiOiJNSUlFOGpDQ0F0b0NBUUF3Z2F3eEN6QUpCZ05WQkFZVEFsVlRNUmN3RlFZRFZRUUlEQTVPYjNKMGFDQkRZWEp2YkdsdVlURVFNQTRHQTFVRUJ3d0hRMnhwYm5SdmJqRVlNQllHQTFVRUNnd1BRMkZ5YjJ4cGJtRWdRM1Z6ZEc5dE1SUXdFZ1lEVlFRTERBdEZibWRwYm1WbGNtbHVaekVmTUIwR0ExVUVBd3dXZDNkM0xtTmhjbTlzYVc1aFkzVnpkRzl0TG1OdmJURWhNQjhHQ1NxR1NJYjNEUUVKQVJZU2MyTmtaVzFoY21OQWVXRm9iMjh1WTI5dE1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBdl9COFBUSm0yQ1ZVWWczNXdOQy1jVzhMRDJPcnJHUmVvblZLSEFLNndNZWl2SWtsUDR6OU9DMV8xb2xWemFuelhrVkVsSElDendxbmc1ZUJjVGVmelh6cjc5ejhrTDBWZHdqNHpEVHRJSUN1Z2NUcDdnNUlBU3U3YmtITVY0d1c3M2g5SHZ4eGxROVBmYVFkTHhlX0dhaWM5RENOa096OHZ6X3hIWnNVclNHaXdqY0FfcnZ2LTNPYjdkRXlEQ2FzT2h4cWFrbXZabzFjOElfS3lNeVF6UlZwUGVYMGo1VWJ2N1YyQTRhdTNhcmRWUnN0NlFkZzBUZE1QVGwzQmY1b0NYRW1wd2Y0Rjh3eG41R3l6WlJ0a0dVeUVLZXFXTVNXeWZSYWFnSTJXb2IxaE9oRzJCMHF3TXJKeTY5ZW9YWXpmTlJfekR1Y1lmV0x3WFRCSEhhZVlWTFY2bXdDUUxmTE04emNDNHdvUXgxczRCZk4tX0hvb01sTldhaDRkREJCVlJ1ak5WcWxXaGFZOFlBNy1HVlJFS1RRWlZVek14c2lYWnA1dFVhNVkzelNjTnd5OXVaRS1CdHR0a25OS1ZpM2dvUHU2ZHpPWm9pWTRUd3VYY0o4bkJpUTI3MENfYzRucHJCVGR1SmZhQkRTenA4bGJuSjROUERxblVzU0hiUXBUMTBld3k2Y0RkdzVkeXpvNTZkQmYzTTcxaHFsSGR2YlJtN1M3QWNXbUhLTlVOTDdoc0k1ZGptdWJkZEF1OUJHdHV6XzRjLS1EODRlRENDR090ZlBQYjNjd0ZCRzZMV1ltZFRKQnE4Z0EtMXFSRTRxQXp5U0MwMDdueXdDN1pWam52Y0lFYXFpcl9ES1JBVEVsTF92ampmTVRSd19lcG1aRUotQUFaWWV2SWNDQXdFQUFhQUFNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUJablJ6cGpieHNjZ1BCTVRCX04yUVBsQ1NWTDNWQWxBSHRLU1h1SXRGeXBOSS1HMUpGRF9leVlLV25mclBIUFZ0TDZwSHZwRHczeVgzUDJUSERLX1J1UDh2TXpYN3RVVjFYZ281eTh1V0VzdmkwVjl4bW5NNFFLcFd0bDNWYzhtWkx1WlRUeEQ3aVJnem04RlR2MUZteE41NVVEdkgxaEtnUEtMX1dmR0hZXzNmTGtTU3NuSUNyejhzWmkwVVktVHpDczV3eWdWSmp0M3FWT3MyVmN5d3Fsc3pjUDY5ZTRNRWF5bVRDTnE5aHBmdjJ6M2pzNGIxejF5Nll4TUJaaDlTYWVlVVY0TXFmWTJXZlh4TUd4TnZXT3lmY0JXU2VSOUIxOXUwa3Awbkw2eHloSFVmMlRGeUUtSjNvU3M5UDBCSUQyd0tZdkJqUzJ4UzVDUUppc2hQeXZENUVnTEVka3JieV84ZnhrNWkzcjNtMmxEdFlkN3V5NTIxS284d0h5WWlVYlY2RU9pZ3kwV2Z5WjdRdkVjV1dmZ2pGT010ZzZaMThtdDE0TV9pOG43TGE4SW90bWRDYXRsazBxd0R4dHZiZWl6NzJELUlURjdrZVRhVC1QN2N0VDRaS0FMWTVIMHcxOEUxVGZ1M0ZERnk5OEF0R0tQdm1jY0VwbWFxcW9tY2NSMVZLRWRLcDdDNjdNemZiSkVKVVpucXVjbnZNUDZWa1VITlVDNVJfWnA1aE5mSWdVY2Z0bG1xdDNlZHdTUUFtcDhhQXdreW5RbWVBWmZwRFJ2a3F1c0FCYXVoQ3pFV3VDS2QzUUd5QWJzZ2Fxd01HckhvS0kxQnRORWQxTjJFOEJsRjZvMF9RcXVYSFZXVkpYQ1lFckNuVFZNMXlHc0cxcVhqaFc5MnZrdyJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY 155b5e7a47343bbc9691acaaf66655b677b842d44117d414a18541baec205d67044f8ecca41247f3444580872a594c18cc5917227f610e6ae8ffc3fd083f1ebd4cddd57bf84d1e8c1faa7a4cb2c13825c2b809186bb64cd3834c99ed5fbddc0683b3c33f0290f81de23af664e465bb2a21f571c0d29751a30cac3187d75e93ce48cac0f69ee8c17aca2777ad7ac66514a6c32ba6fd2a712befe736b3caa801b28c598ae8924ccf95bc432aa2302bc7f620c3e920c2f83552e4df8f28b96e761483acdbb3d659be73075c71a899691338d8a2403b50fcb46ad4ae38a67ff69419bc2beb70c1eff2f8de8155cf3f7794671a7be7287d3b23f6c59c5f84cecc1b9958ab11279e80a19bf0c74579323514d2acf1a654f611ab267a9ba20bbd128f58612ec68c24b2dc837f72a9414406b5d7eaa40fda88c21f1a5d65944ec9e2de6ffc038e075db7d69f840806148576a797e0212edb711445c89eed1c4028a948909501ea77278537ff8ad50f6c562562d293c9855551759f6ca160c71d8d14584019996b824a6e148dd31eebd8250130908ec7b62bbaacc9f55132440e397937382a883112c891ca5940a1ef9783c81e64b88e9d6d8605b363d2351695522468cd90303df6b16306b37298f2488a4a889f2c8430f83d17be39390b8c785ca7763859dffe714c5200fdb7e63a513f3ef3381fcd5ee8d9e6adaf0d4c6a586b0b8907 ---------------------------------------------------------------------------------------------------- Step 5: Install Certificate (waiting...) ---------------------------------------------------------------------------------------------------- -----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgISBHpKmjQ0eV0J+PLlivbdoIWeMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjAwMjUyNDBaFw0yNDA2MTgwMjUyMzlaMCExHzAdBgNVBAMT Fnd3dy5jYXJvbGluYWN1c3RvbS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw ggIKAoICAQC/8Hw9MmbYJVRiDfnA0L5xbwsPY6usZF6idUocArrAx6K8iSU/jP04 LX/WiVXNqfNeRUSUcgLPCqeDl4FxN5/NfOvv3PyQvRV3CPjMNO0ggK6BxOnuDkgB K7tuQcxXjBbveH0e/HGVD099pB0vF78ZqJz0MI2Q7Py/P/EdmxStIaLCNwD+u+/7 c5vt0TIMJqw6HGpqSa9mjVzwj8rIzJDNFWk95fSPlRu/tXYDhq7dqt1VGy3pB2DR N0w9OXcF/mgJcSanB/gXzDGfkbLNlG2QZTIQp6pYxJbJ9FpqAjZahvWE6EbYHSrA ysnLr16hdjN81H/MO5xh9YvBdMEcdp5hUtXqbAJAt8szzNwLjChDHWzgF8378eig yU1ZqHh0MEFVG6M1WqVaFpjxgDv4ZVEQpNBlVTMzGyJdmnm1RrljfNJw3DL25kT4 G222Sc0pWLeCg+7p3M5miJjhPC5dwnycGJDbvQL9ziemsFN24l9oENLOnyVucng0 8OqdSxIdtClPXR7DLpwN3Dl3LOjnp0F/czvWGqUd29tGbtLsBxaYco1Q0vuGwjl2 Oa5t10C70Ea27P/hz74Pzh4MIIY61889vdzAUEbotZiZ1MkGryAD7WpETioDPJIL TTufLALtlWOe9wgRqqKv8MpEBMSUv++ON8xNHD96mZkQn4ABlh68hwIDAQABo4IC GDCCAhQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQXaxbE+ek3sEQ9KHJuTiYVsONv qTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJ MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcw AoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAhBgNVHREEGjAYghZ3d3cuY2Fyb2xp bmFjdXN0b20uY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIE AgSB9QSB8gDwAHUAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGO Wf1cOQAABAMARjBEAiALDn0f1wPGYdg7W7XjNIekZQPsOx8QTpfE2d8YUQktfQIg aJQPTNXmzB/VTdifL9e4acb5593rAc6TTXA2xxT6fGMAdwDuzdBk1dsazsVct520 zROiModGfLzs3sNRSFlGcR+1mwAAAY5Z/VxLAAAEAwBIMEYCIQDVDoNCiW1Hy3V8 oy5wbXNM3tZlKW7lpP780Xay/XrcAQIhAIXxAMh+led8zPhz8sqgtyWAOhIrHOko bgcdKZQdrXhSMA0GCSqGSIb3DQEBCwUAA4IBAQAGFGsCv+NyGhElQiVWZBA/1NZP qCrUPw20WgbfAkX1HNk2P2Tu+RId5rTU/RLgescPnbp8NhB9poq7r21WV+CciEw4 x9m8JTl4/R25XDuq5yB168+qtVeR3gEe2AYHlzL021oiYpj+iQDm0IZfMnjRHL7g bkkAAdy6N9NIybXrJnkcU2Yr2lwPJVuucw628uv+kO0SNo8MzlVgZrFPSNje2KLP SJChTnnO07xpYX9KP3PIXEJFOKXeDfB87hCKJDmHdLnFCCGwGMiJoK+mJBeEoK4Z r//o1EagwhxYImE6NO1sHnss2xOfsgIdOsUPVpyYkofN+ruQqfohq9EzYJQg -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE----- ---------------------------------------------------------------------------------------------------- additional FYI for debug ---------------------------------------------------------------------------------------------------- cd /usr/local/apache/conf/ssl.crt mv carolinacustom.crt carolinacustom.crt__lets_encrypt_domain_crt_2023_12_19 cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2024_03_19/domain.crt carolinacustom.crt cd /usr/local/apache/conf/ssl.key mv carolinacustom.key carolinacustom.key__lets_encrypt_domain_key_2023_12_19 cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2024_03_19/domain.key carolinacustom.key Then restart Apache with the "astart" alias If you see the following when you try to restart Apache, then it might be because you forgot to the Python simple server above from step-4 (98)Address already in use: make_sock: could not bind to address [::]:80