dme.txt TE that with Let's Encrypt, it's now possible for me to generate a free SSL cert for CarolinaCustom rather than paying for one thru rapidssl. Here is the website that I used to guide me thru this certificate generation: https://www.getssl.in/letsencrypt/ The following were the usual commands that I formerly used to generate a cert thru rapidssl. openssl genrsa -des3 -out carolinacustom.key 2048 openssl req -new -key carolinacustom.key -out carolinacustom.csr But now, here are the commands for the new Let's Encypt certification (4096 bit now instead of 2048) ---------------------------------------------------------------------------------------------------- Step 1: Account Info ---------------------------------------------------------------------------------------------------- How to generate a new account keypair using openssl: Generate an account private key if you don't have one: (KEEP ACCOUNT.KEY SECRET!) openssl genrsa 4096 > account.key Print your public key: openssl rsa -in account.key -pubout Copy and paste the public key into the box below. -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0ozeULtdNI/zDThC1DcU ororqtXY4nooVN5kYrJcnWJ50RO97ZckZ5eIIMx7aC8zXWZzEJ6ipQPOjLjvgZvo Op91NeuUPB5XLQPqDW5Chgavf/K7517ODj6qEeIMr5B+ciA8yOMvbbBrOjonnI8t jSuYVilQlii0w1CZC8Fn33uTUJfu3+jLyNkwhdAETOluYeM38hwGruZ8BvzxrlxB wlATPAtYDJ9rMY9fqW1QBpZxiIir2t2wlpGM57mreorW4fKdp+Oi5X/g3T0E9G22 uz63GTAJYxJVYyvkKVA9FZ65c6oCZpCpz6Mgj5VxQ5E1s/1uZ9YK0RoK3L1sqMF4 eu1fzaiHkwa5XysbKYf9GIrHMFMIjZ0rzmgutWlv1CRqyPc4ra7NMNRqfPNhjtrm HWOWiq4SGNWhmcMUC94e9zUK7xg/nYa8wrrGwkJbpznxB5L00V93lMHRxtacn7iQ 6uBFgOdURpIbe7LSWAq/I9XWNDZGgdp7aw020vODHOFd3bi2dX8LYkNWNRs8ZJJa V1254alV8AWUPwG6oGfbprFddi8wxlsxNgzn/Aim6R0a/29H647vqLytBDUcYKh9 uEfnPhbsgJ8EkBGOQoYn04ukvxflT8vi7lXmazIX6qVUyebVQaBra+JkGxfXhUJT gMo2+MSHqzQ593TLPu3g660CAwEAAQ== -----END PUBLIC KEY----- ---------------------------------------------------------------------------------------------------- Step 2: Certificate Signing Request ---------------------------------------------------------------------------------------------------- How to generate a new Certificate Signing Request (CSR): Generate a TLS private key if you don't have one: (KEEP DOMAIN.KEY SECRET!) openssl genrsa 4096 > domain.key Generate a CSR for your the domains you want certs for: (replace "foo.com" with your domain) Linux: #change "/etc/ssl/openssl.cnf" as needed: # Debian: /etc/ssl/openssl.cnf # RHEL and CentOS: /etc/pki/tls/openssl.cnf # Mac OSX: /System/Library/OpenSSL/openssl.cnf openssl req -new -sha256 -key domain.key -subj "/" \ -reqexts SAN -config <(cat /etc/ssl/openssl.cnf \ <(printf "\n[SAN]\nsubjectAltName=DNS:foo.com,DNS:www.foo.com")) Copy and paste the CSR into the box below. NOTE that for this step, if I paste the command provided above, then I will get an error about a "missing re-direct" The way around that is just to enter the command: openssl req -new -sha256 -key domain.key and then just answer the questions interactively instead of having them piped in form redirects. -----BEGIN CERTIFICATE REQUEST----- MIIE8jCCAtoCAQAwgawxCzAJBgNVBAYTAlVTMRcwFQYDVQQIDA5Ob3J0aCBDYXJv bGluYTEQMA4GA1UEBwwHQ2xpbnRvbjEYMBYGA1UECgwPQ2Fyb2xpbmEgQ3VzdG9t MRQwEgYDVQQLDAtFbmdpbmVlcmluZzEfMB0GA1UEAwwWd3d3LmNhcm9saW5hY3Vz dG9tLmNvbTEhMB8GCSqGSIb3DQEJARYSc2NkZW1hcmNAeWFob28uY29tMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsyvDMpdVZPcTOFRGy7qwYtpsTxuw hRcpsIVZxAiiiV2+jGyHDFfXja56UBZ9DyudCDP/OwBeniqNTDsSsPbAPYxFYLHy 04zGZXXRBRC5Mi/bvDoqvqc7AiBaN9mNxuTw6s6ukX3LfgkKWeVsdhgwmtE+Z1gL mQfZL920GANzYb4aDOoHrpruk89nDC5hdEr20c9+GUT97+pTFiShItuB71QtGPcS HrSLQ2Rgj3mdptnGsGnwWdJB7zn9/50SZ3I6VenyEp+86TX5BnJI1oimEvaDPWB8 jqY3canpOthKT1oXzSdEyh1nNGaC0qhetp2wjoXX1RtOAw8xvoFexn2FBhljBiG+ A6cCsE6oFmmcdWsbLEQfq8XA3RQXpQqWFhoA0YYyrk6gSEs3FaLHIa8xL1UwAJ+/ OsttLtGIn9AZhM2i2cgE0glDadhcfHld8dzMA79Qx6KHirHOskldaUk4jOrJN01F SLVNB9A/mTufBSMTjTWSboj8r7O9x6ja0um5vKbTYr1npM667C3Hdw8H5HdVSwo7 lW/9B6clkATO6zUyjpdLml1PLasy0x6iN7EfhIZe2dncgkjt9nDV0mkOUx2V39Tt WU3yUvZIjWGSbqcKW0UiX6YQfyQGYiCpLkv66MjkrdClTO5IAlcyvtIvuU+8mOpn tCD66CKlJ4fT1EsCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQCMSzZ8LoRkEUO8 J22d8unHWvnXHJIjLQf9FW0gAWeks3282yCHUuS6KvtpHTXzAFbsTpW/yDheVhO4 NizoGwHDHZdz7Ul0bJ5Q92fAA0pCV2J2RMrkO5YWGkaP1kbxzdqipbQLvQb81FfM Qrjsc1SVpMGxJONTtwT06JBgWTD+YQeapkI7XEgLJgow5KR0y3odOhKoi0YKEu5r Xy/pQSnzRTeT/QkgnQ8UZb2ZF3Ww8RHIrSyCpaQyX5SPYXQlfz5PGKv+L4Pxyne/ wxPDco/ZMnScEDG4IBzpJi909PVyF6qo04AWI5ERHGt3Q+xmCOtSK/qm52hqKfFs VT9ZaZ8hSjOarScKhrrMS8Ft7RDSDDr7sa9av50dXysni+qgpgFVxHVJAxh/HhB+ G4UiVA+cJpl0looUcy7lbKhx5miwnUGX3mrkzdouptzeJxF6/BFzk20VcqYZ5XS2 pB59bTyVdwxX2vUb1iGtWbQSyMfc2l9nj3T/nDihdZiaYt/UhKTO8pZ6krC3ZZUE SKCZfEAIQs8g0H6L9kmwFxFctVjFvayNZI1F7zWU8UJlYZVxmAzp0Rlco0sU+lh6 q6L3FjJMf5xReflT0tsuPoQGJwhoURw6e2e/MvjVU7aqE2lL/fOT+WzaXRo4Z9mZ naLTzEWUCwJxYJ6qaugh9OZWh7OIfA== -----END CERTIFICATE REQUEST----- ---------------------------------------------------------------------------------------------------- Step 3: Sign API Requests (waiting...) ---------------------------------------------------------------------------------------------------- ACCEPT_TERMS: setenv PRIV_KEY ./account.key echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJmQ0J3N010UWdodFdXdkVqUWtXS1NzaXZ4TTZtcmZEdXk5S013VDBRUUVycWU0Qmtwa0EiLCJqd2siOnsiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoiMG96ZVVMdGROSV96RFRoQzFEY1Vvcm9ycXRYWTRub29WTjVrWXJKY25XSjUwUk85N1pja1o1ZUlJTXg3YUM4elhXWnpFSjZpcFFQT2pManZnWnZvT3A5MU5ldVVQQjVYTFFQcURXNUNoZ2F2Zl9LNzUxN09EajZxRWVJTXI1Qi1jaUE4eU9NdmJiQnJPam9ubkk4dGpTdVlWaWxRbGlpMHcxQ1pDOEZuMzN1VFVKZnUzLWpMeU5rd2hkQUVUT2x1WWVNMzhod0dydVo4QnZ6eHJseEJ3bEFUUEF0WURKOXJNWTlmcVcxUUJwWnhpSWlyMnQyd2xwR001N21yZW9yVzRmS2RwLU9pNVhfZzNUMEU5RzIydXo2M0dUQUpZeEpWWXl2a0tWQTlGWjY1YzZvQ1pwQ3B6Nk1najVWeFE1RTFzXzF1WjlZSzBSb0szTDFzcU1GNGV1MWZ6YWlIa3dhNVh5c2JLWWY5R0lySE1GTUlqWjByem1ndXRXbHYxQ1JxeVBjNHJhN05NTlJxZlBOaGp0cm1IV09XaXE0U0dOV2htY01VQzk0ZTl6VUs3eGdfbllhOHdyckd3a0picHpueEI1TDAwVjkzbE1IUnh0YWNuN2lRNnVCRmdPZFVScEliZTdMU1dBcV9JOVhXTkRaR2dkcDdhdzAyMHZPREhPRmQzYmkyZFg4TFlrTldOUnM4WkpKYVYxMjU0YWxWOEFXVVB3RzZvR2ZicHJGZGRpOHd4bHN4Tmd6bl9BaW02UjBhXzI5SDY0N3ZxTHl0QkRVY1lLaDl1RWZuUGhic2dKOEVrQkdPUW9ZbjA0dWt2eGZsVDh2aTdsWG1heklYNnFWVXllYlZRYUJyYS1Ka0d4ZlhoVUpUZ01vMi1NU0hxelE1OTNUTFB1M2c2NjAifX0.eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 939f84622c13b57f135022e639e464a30850e1fe3f21c01a26aac99c1f4d83408c0a2aa98f3528bc420482db9317ccec3a2a5ac9a2d98b52c4d39fca68486571356602de0038ccc223d03fb0831cb9b316ee0e4bfb787a9caac94582a32635d78f6eb039a2fa5b32d4f096c8b92d876fa9e8b9c3efdbbb7df2c434031409ba7e86193bc98a9901afc63ed748eeb6ba4fe34b32f21f2f8d1411fcf93713db37e18d70ebfae0887603274e7058dc0e21581f8d7e8220e6177264bf115e126b3b1a2db7ecb399484a16c90299c386463c8f8febf030a0b322bdab47c49d84b0202d3ab98527dbfd62c5b5aac49880c6f126760169608c57619c05190a839a58da5a63afce110bf49a087d6f3035e8c052691136df06bcde5f36ed91b9184f669fd5a0239db43fd4e0adfbbe57417255671f5a66afa7d642bc2e94d9c25ce3e56fac96bd519a63786ff22b8c7bedd7ae3919e1744d2a1f325a3482f4400c8c8f6a7a19d33619fecdaccd3d4de4cc29f6b80f61b9d1d3fafda82765f5a1f3c8142d5b2a94863475ded9338b12e4a762a907183a8ef398357d43a8b1d9a068845f4d33df3b04c2fed66c63861cd2f33d2e3c5a13950f7dce6fcf270f3596e071e15c3d39aea5865cbf652b0ac6e95c3ce1214bc7da8fadf4476078dbe0093a0a38809eac47aab680734e41173200831346efb868380039d55fff98558c8558a54f4d03 echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE5NDg5MzYxNzYiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiZkNCdzdNdFFweXZsRzZYeExrZ3o2TEVoV1FOZjJINEJBZjV2WU9qR0RjMkI3YjBkRFBBIiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xOTQ4OTM2MTc2In0.eyJjb250YWN0IjpbIm1haWx0bzpzY2RlbWFyY0B5YWhvby5jb20iXX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 2b484123c4a11d271787af3280390fea91aed199653a7b22cb47e02a8593d72f1b623dd6244175273e83f4dec425e7b833b9e2ed060e8aa07f54ccd9b3e96d77574848c2bea020652d59c0e8d4ba918dc05dd67213faf90f270e7f160c2400c0c880989d6ebe139e610cca0dc9aaa4e5d870ad248b146909428eef7003b4f839bd60b0b2dfac64c035bbc5d36159483292dd527f598c3072b9363c9e2a03f7fa03b2a893618ab4d2260337a73c29562aaf60c571efa87b0b0577fb9253f379d0cabf254954ee3172e8d691541093bf1bd5fe6571c407dba5325b1aa2646d069efb9d720ab96555d17c790f4022ced78a1792f2823e5e568d88c109a60f5f572f2d2eb139c8dfdcde732563a913736f639256a59e2001b4c2bd5672b12f782331c109ca4fd4b63692542a94e8ac80381056c3746994cb14db347299853427565cb3a5e1e9147d0988a9858328955868d3e5016e95eae7546b751c241179b9b89ade47ad233f418c2e8be5015a5937d54586b6ca66e0f7e3cb3f5ac677ae78085660071375bdf0e105740b1776f4e3052b587916caffb9648ced77144c26a527157cc952b8f4fd70dd00988a9eae4e2ef562ee4b51c144c5ddca6514435c3cde7b61f91cdb7f07f73d3f635cd87bd9ce3b289a254f0c8d59ece48a672ba5d06ea99c68a1ca8ede8ded334c0918a871103bd1a336d9006272a057b1d00278aee668 echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiZkNCdzdNdFFNcElRNjFvd3dMVXlRUnZmUGlQM3d5VzlTMURuTVNUWWtjOXVWLXAxdHc4Iiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xOTQ4OTM2MTc2In0.eyJpZGVudGlmaWVycyI6W3sidHlwZSI6ImRucyIsInZhbHVlIjoid3d3LmNhcm9saW5hY3VzdG9tLmNvbSJ9XX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY 5c0f0bd606d1e6f13ed9b9b8bdcfb2963d0128ade112b28707485dd80bdfdb98ffecc15358ecbc8c9f9a5bfb42e95a9eb99c8f252119e5b551fadc0ae93977a83a8c9894cd836bdc32efdebbda350314fb616722d29e952494851d864941c061ac2fca65732be2f9e3d6c6bc12165c68a850478d1878ad0292f61b517d92863645c3f31fd65b2581c6c289585b1ef0a360c3595ad902595409a8b4f4bd2628e0ca20368d414e38a016c0c59703d75346fda226c00eebd386fb826008b6ded5d0bad4c6558cd3b4eb4e80e3572c10300bcf53c0dfdf23ae444d1fd5432339cb9bef75437b16e6b91bde5f7ecb906ff27169fe42d235c054bf7a7651147dbf155159604102620dff1a17e86b233adb43385d6a3600301d037ad8f977a989407c5debd2a8a27d1aa2fff059765246d5215822865e47cf69926b0db4aa1355f980bc0fb371414b282e32d3b889c084b088340434f451a0501486c7dc0dfb900cf69bee4f681c5a85a417b3690eb0b3328c2f299a539c991a7648ec7d13b682626daedf23d395ca691625cd607d4e93c0675cf2f5d17d28572d3bdc9b79f2a919e89d89a6dd727d7a4ad69bdabc3aba9a4b01e31eb5548e8602b796a69c70621f3a01a1122f1c8df59a2ede9f7ab1948f0079b4cdd72a8384501b32a9a6183ffb61c403052082e09e7ff6cc2e7b02ac428883b088ca7faf76ce716c681a2ab88793c2 ---------------------------------------------------------------------------------------------------- Step 4: Verify Ownership (waiting...) ---------------------------------------------------------------------------------------------------- python2 -c "import BaseHTTPServer; h = BaseHTTPServer.BaseHTTPRequestHandler; h.do_GET = lambda r: r.send_response(200) or r.end_headers() or r.wfile.write('gKhUBVO4Fs4gWK041O183WJhZGOIxTvqT2kLik8bgP8.VdoZgr-3shE7mPdDeq_BG1TgrvmI4u4fqnIGH25XP_k'); s = BaseHTTPServer.HTTPServer(('0.0.0.0', 80), h); s.serve_forever()" python2 -c "import BaseHTTPServer; \ h = BaseHTTPServer.BaseHTTPRequestHandler; \ h.do_GET = lambda r: r.send_response(200) or r.end_headers() or r.wfile.write('NWCAJSuJ4npr-Y5MTSmgwwfxbEBY5GfTcFijljJgyLQ.nOPqTkZVIaF-EWeObGlkcwRGcwiZQk3wLtDfSt3H-0I'); \ s = BaseHTTPServer.HTTPServer(('0.0.0.0', 80), h); \ s.serve_forever()" PLEASE NOTE: to avoid getting this error: Traceback (most recent call last): File "", line 1, in ? File "/usr/lib/python2.4/SocketServer.py", line 330, in __init__ self.server_bind() File "/usr/lib/python2.4/BaseHTTPServer.py", line 101, in server_bind SocketServer.TCPServer.server_bind(self) File "/usr/lib/python2.4/SocketServer.py", line 341, in server_bind self.socket.bind(self.server_address) File "", line 1, in bind socket.error: (98, 'Address already in use') It is necessary to su to root and stop the apache webserver with "astop" ALSO NOTE: Each time that we renew the cert, we get a new python2 command above. So don't paste the old one, or else we get an error and have to start back at step-1 SIGN CHALLENGE COMMAND: echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My80MDQyMTgyMjM4NjYvcm9aRHJnIiwiYWxnIjoiUlMyNTYiLCJub25jZSI6IjRPbVdVbHlVQW9lVVJjUmZ2NEsyM2NKR3FDZFFEWHUzSUVSNHYwRG5iRzJSVVlsY1JkdyIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTk0ODkzNjE3NiJ9.e30" | openssl dgst -sha256 -hex -sign $PRIV_KEY 16a19bfe87988f053086d410554636e72cdd9531ac795fb27b6112d9bf101e30c37a63738d8aff7aae6fc8371b0390bf002573e32067977ff8cfeb3d245cd9d2fe97e54e513ae81145031582c9763fe340da01abb4f49f1becb8e05e908208e13c99356396835f61fb42e6d0ff2dd51cc0b74e7fd046767fef8ece24fcfda48cc3ea211effdff012f688816c273ce551040e3986d2c4dc506c472468a7054506b6b5b41e54bc9a7dc5a939f1a8d364023ebe11aa28a27b8a1fbf5240fd3101b52857c14e4d7054d8ac82169391eb7bed5bf36110c4090046966812540317744fb07e3bedab03b409126d74e27e4b9b04041e921c8c071018510bf93dc32f8ab7ebddf50d3c7aee898c58ccb6bdb44249ab45161a07f45b27681d753c43820962a6ce3ff649252db97233765bad229af0ce8005366a6d5364ba3f33b1daf3400647b28be487eb69b98382a700c6ee595fda123a1f5e1a734a7be8ee0018cc55d35296db39e6b8ad8fad5386eadff843150eac995aff8951f0e4cec8a0a801ecfa744c1f8fd4894daf8bdbdddc4155837a5853beb60501d40a1997af51a92cab7b6704abb2f76f3e3f2c4bedc1c7ce9ba5ddcfc70d9be1178c920a44b9cd13992befce988991ad8f97bdf69f5c277894fb3d330cd7e13e832758ed5e205d4174248de40cc0e4207dcfaa0dd8bcf7abb9f5a28b38dff575fac3c863b1cd33973816 FINALIZE ORDER: echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS8xOTQ4OTM2MTc2LzMwNTUzMzMxNjg3NiIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJmQ0J3N010UXE2TjlYd1lqM3dfWnhmb3FvaFJoQVRYRk5wM1ljTWNDMGtzalI3S1JvWTQiLCJraWQiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE5NDg5MzYxNzYifQ.eyJjc3IiOiJNSUlFOGpDQ0F0b0NBUUF3Z2F3eEN6QUpCZ05WQkFZVEFsVlRNUmN3RlFZRFZRUUlEQTVPYjNKMGFDQkRZWEp2YkdsdVlURVFNQTRHQTFVRUJ3d0hRMnhwYm5SdmJqRVlNQllHQTFVRUNnd1BRMkZ5YjJ4cGJtRWdRM1Z6ZEc5dE1SUXdFZ1lEVlFRTERBdEZibWRwYm1WbGNtbHVaekVmTUIwR0ExVUVBd3dXZDNkM0xtTmhjbTlzYVc1aFkzVnpkRzl0TG1OdmJURWhNQjhHQ1NxR1NJYjNEUUVKQVJZU2MyTmtaVzFoY21OQWVXRm9iMjh1WTI5dE1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBc3l2RE1wZFZaUGNUT0ZSR3k3cXdZdHBzVHh1d2hSY3BzSVZaeEFpaWlWMi1qR3lIREZmWGphNTZVQlo5RHl1ZENEUF9Pd0JlbmlxTlREc1NzUGJBUFl4RllMSHkwNHpHWlhYUkJSQzVNaV9idkRvcXZxYzdBaUJhTjltTnh1VHc2czZ1a1gzTGZna0tXZVZzZGhnd210RS1aMWdMbVFmWkw5MjBHQU56WWI0YURPb0hycHJ1azg5bkRDNWhkRXIyMGM5LUdVVDk3LXBURmlTaEl0dUI3MVF0R1BjU0hyU0xRMlJnajNtZHB0bkdzR253V2RKQjd6bjlfNTBTWjNJNlZlbnlFcC04NlRYNUJuSkkxb2ltRXZhRFBXQjhqcVkzY2FucE90aEtUMW9YelNkRXloMW5OR2FDMHFoZXRwMndqb1hYMVJ0T0F3OHh2b0ZleG4yRkJobGpCaUctQTZjQ3NFNm9GbW1jZFdzYkxFUWZxOFhBM1JRWHBRcVdGaG9BMFlZeXJrNmdTRXMzRmFMSElhOHhMMVV3QUotX09zdHRMdEdJbjlBWmhNMmkyY2dFMGdsRGFkaGNmSGxkOGR6TUE3OVF4NktIaXJIT3NrbGRhVWs0ak9ySk4wMUZTTFZOQjlBX21UdWZCU01UalRXU2JvajhyN085eDZqYTB1bTV2S2JUWXIxbnBNNjY3QzNIZHc4SDVIZFZTd283bFdfOUI2Y2xrQVRPNnpVeWpwZExtbDFQTGFzeTB4NmlON0VmaElaZTJkbmNna2p0OW5EVjBta09VeDJWMzlUdFdVM3lVdlpJaldHU2JxY0tXMFVpWDZZUWZ5UUdZaUNwTGt2NjZNamtyZENsVE81SUFsY3l2dEl2dVUtOG1PcG50Q0Q2NkNLbEo0ZlQxRXNDQXdFQUFhQUFNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUNNU3paOExvUmtFVU84SjIyZDh1bkhXdm5YSEpJakxRZjlGVzBnQVdla3MzMjgyeUNIVXVTNkt2dHBIVFh6QUZic1RwV195RGhlVmhPNE5pem9Hd0hESFpkejdVbDBiSjVROTJmQUEwcENWMkoyUk1ya081WVdHa2FQMWtieHpkcWlwYlFMdlFiODFGZk1RcmpzYzFTVnBNR3hKT05UdHdUMDZKQmdXVEQtWVFlYXBrSTdYRWdMSmdvdzVLUjB5M29kT2hLb2kwWUtFdTVyWHlfcFFTbnpSVGVUX1FrZ25ROFVaYjJaRjNXdzhSSElyU3lDcGFReVg1U1BZWFFsZno1UEdLdi1MNFB4eW5lX3d4UERjb19aTW5TY0VERzRJQnpwSmk5MDlQVnlGNnFvMDRBV0k1RVJIR3QzUS14bUNPdFNLX3FtNTJocUtmRnNWVDlaYVo4aFNqT2FyU2NLaHJyTVM4RnQ3UkRTRERyN3NhOWF2NTBkWHlzbmktcWdwZ0ZWeEhWSkF4aF9IaEItRzRVaVZBLWNKcGwwbG9vVWN5N2xiS2h4NW1pd25VR1gzbXJremRvdXB0emVKeEY2X0JGemsyMFZjcVlaNVhTMnBCNTliVHlWZHd4WDJ2VWIxaUd0V2JRU3lNZmMybDluajNUX25EaWhkWmlhWXRfVWhLVE84cFo2a3JDM1paVUVTS0NaZkVBSVFzOGcwSDZMOWttd0Z4RmN0VmpGdmF5TlpJMUY3eldVOFVKbFlaVnhtQXpwMFJsY28wc1UtbGg2cTZMM0ZqSk1mNXhSZWZsVDB0c3VQb1FHSndob1VSdzZlMmVfTXZqVlU3YXFFMmxMX2ZPVC1XemFYUm80WjltWm5hTFR6RVdVQ3dKeFlKNnFhdWdoOU9aV2g3T0lmQSJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY 6a71c7d1a9ac4acb47b0e0162353e770a56d52d8a9fcb8f1e38fd10d6920fd7681f12e0805ee1294bd15031768fcb6bd2364759a9c6d88ad396242788bead46e8f4acd572c2bedbc3a35b63500e29207ebd8c6c33eea7665edb8602d5636e731cd231d8c4980bd850bc72827be6a8cd472e3160b6548eb8fea50127053566e7129567be567954a85c313914689675bb9d457002d4a3466a7d90f6619cbf07c12b6c4b397a8be684be92f814820a1c5d9111bd9c53cd90a68d1599548e5b7c1e602e3d38f4f16633cf30dec2bec2551eeeb1417d64fde0e0e76a63a1d63d390820e8f75fc179512ab44298d5811967a808bcff3326205e8891582258af0fa7d1936c61bb071c975b11bf0c72e386554bce7067803b54e288e3ab5677b554f26430e97a5d2296f30d121ae4f3c1a515d51cd52b12281dbb8fd42784918f9b3f603d6d3718e3c916001518e0788159ba2ceaf6973e9b6a97403e23ff2b76215dfc243246e696ebb7651806f841c21ae67de9d377d9423376c6cc9eeb44559390bb44a075df01559787e84abc955f457783ba93251808454e094846a2ba8d0fecf96ba696698d141177f16976bb025d0b24ca040fd1e3dea365ced1601cc44ee4871600d292b26e08865ff70dc46f27c92955ebd80726c560d20bc9206d586206dbf4ec831fd12fcc20511124dffbb140e9daa7ce86e2be923fe61d47805c30c358d ---------------------------------------------------------------------------------------------------- Step 5: Install Certificate (waiting...) ---------------------------------------------------------------------------------------------------- -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgISBCwAFa6tzNg+/n1DF9DJ0ItTMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTAwHhcNMjQwOTE2MDI0MDQ5WhcNMjQxMjE1MDI0MDQ4WjAhMR8wHQYDVQQD ExZ3d3cuY2Fyb2xpbmFjdXN0b20uY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAsyvDMpdVZPcTOFRGy7qwYtpsTxuwhRcpsIVZxAiiiV2+jGyHDFfX ja56UBZ9DyudCDP/OwBeniqNTDsSsPbAPYxFYLHy04zGZXXRBRC5Mi/bvDoqvqc7 AiBaN9mNxuTw6s6ukX3LfgkKWeVsdhgwmtE+Z1gLmQfZL920GANzYb4aDOoHrpru k89nDC5hdEr20c9+GUT97+pTFiShItuB71QtGPcSHrSLQ2Rgj3mdptnGsGnwWdJB 7zn9/50SZ3I6VenyEp+86TX5BnJI1oimEvaDPWB8jqY3canpOthKT1oXzSdEyh1n NGaC0qhetp2wjoXX1RtOAw8xvoFexn2FBhljBiG+A6cCsE6oFmmcdWsbLEQfq8XA 3RQXpQqWFhoA0YYyrk6gSEs3FaLHIa8xL1UwAJ+/OsttLtGIn9AZhM2i2cgE0glD adhcfHld8dzMA79Qx6KHirHOskldaUk4jOrJN01FSLVNB9A/mTufBSMTjTWSboj8 r7O9x6ja0um5vKbTYr1npM667C3Hdw8H5HdVSwo7lW/9B6clkATO6zUyjpdLml1P Lasy0x6iN7EfhIZe2dncgkjt9nDV0mkOUx2V39TtWU3yUvZIjWGSbqcKW0UiX6YQ fyQGYiCpLkv66MjkrdClTO5IAlcyvtIvuU+8mOpntCD66CKlJ4fT1EsCAwEAAaOC AhkwggIVMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUP2M4zUsj4CDJ40lFnT3wOecr McgwHwYDVR0jBBgwFoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwVwYIKwYBBQUHAQEE SzBJMCIGCCsGAQUFBzABhhZodHRwOi8vcjEwLm8ubGVuY3Iub3JnMCMGCCsGAQUF BzAChhdodHRwOi8vcjEwLmkubGVuY3Iub3JnLzAhBgNVHREEGjAYghZ3d3cuY2Fy b2xpbmFjdXN0b20uY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHW eQIEAgSB9ASB8QDvAHUAGZgQcQnw1lIuMIDSnj9ku4NuKMz5D1KO7t/OSj8WtMoA AAGR+OnWAAAABAMARjBEAiBWdkZy1BgBzLk8etETcW4hYmRgO9/MTrrT9bjEnPSC QwIgfdFm5rk+Nvx3RUm1b9iUBEf04HmP2jySadAFeEdZZg8AdgB2/4g/Crb7lVHC Ycz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAZH46dYbAAAEAwBHMEUCIB+z0pT07Ipk DcL9NktEQd5Yx6xYKwF86/r7wOZ58trrAiEAvoqk7QQbY++NxJlZdhduRJVSjsIY CFUn5LoCA1T+zZcwDQYJKoZIhvcNAQELBQADggEBAH4KfABMY/uAyGImndGy1yvX TD6VzGiAtRPbaG6ELxnTvrsFJnzShN1fK1iOscRN3pDOBajTZp6ANNmXnfpxWB6T 3ZCQRJSXEJksAHtNe4qvciZW48bq+bRYjE3DtfwPOIWNHTIHJby0qJiYEPWEIvAs qCmQ84Y0e4F5VqPg4M+aqStUyw5bzg/mv4YRTMGXc2ntMGwPLx/rKxtYt5cLRzBN LopPjlA1NAnfj7/fnjeCcEzBmHQuVrikqYeSeJOkmsT4Y8AWsC66OmAalJPGl4ne DABPubimnk+282I41Rnewj+fAe2GlqQTl2BJkU06DFr0Q23Cb5Jw48WjfVYPksA= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a /6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4 FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3 DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/ AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5 tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9 1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0 GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh 1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N 4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= -----END CERTIFICATE----- ---------------------------------------------------------------------------------------------------- additional FYI for debug ---------------------------------------------------------------------------------------------------- cd /usr/local/apache/conf/ssl.crt mv carolinacustom.crt carolinacustom.crt__lets_encrypt_domain_crt_2024_06_18 cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2024_09_15/domain.crt carolinacustom.crt cd /usr/local/apache/conf/ssl.key mv carolinacustom.key carolinacustom.key__lets_encrypt_domain_key_2024_06_18 cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2024_09_15/domain.key carolinacustom.key Then restart Apache with the "astart" alias If you see the following when you try to restart Apache, then it might be because you forgot to the Python simple server above from step-4 (98)Address already in use: make_sock: could not bind to address [::]:80