Check the services running on the host:
nmap $DIGITALOCEAN 21/tcp open ftp 25/tcp open smtp 80/tcp open http 143/tcp open imap 443/tcp open https 465/tcp closed smtps 587/tcp open submission 993/tcp open imapswww and mail must be running otherwise certbot will error out like:
"Certbot could not find a VirtualHost for mail.vasilian.net in the Apache configuration. Please create a VirtualHost with a ServerName matching mail.vasilian.net and try again."
Read about installing the Let's Encrypt Certbot and how to create a SSL certificate for the domain and subdomains.
dnf install certbot python3-certbot-apache certbot --apache
This will detect only the www and domain name, but will not show the mail. subdomain
You have to re-run with expand option
to include also the mail.vasilian.net
certbot --expand -d www.vasilian.net,vasilian.net,mail.vasilian.net
Select this option when asked:
We were unable to find a vhost with a ServerName or Address of mail.vasilian.net. Which virtual host would you like to choose? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: ssl.conf | | HTTPS | Enabled 2: vasilian.net.conf | Multiple Names | | Enabled 3: vasilian.net-le-ssl.conf | Multiple Names | HTTPS | Enabled
To check if SSL certificate is installed correctly use the SSL Server Test page.
Add a crontab job to renew the certificate.
Use -e option to edit (vi) /var/spool/cron/root
crontab -e # insert next line, save & exit * * * * 1 certbot renew >/dev/null 2>&1
To list all crontab jobs
crontab -l * * * * 1 certbot renew >/dev/null 2>&1 crontab -u mihai -l no crontab for mihai
To check a simple command use Crontab Generator