Hello, I have set up my webpage using the domain from Namecheap,
I have set up the SSL on namecheap and put the keys into my domain in Hestia. However the website says its self signed. Namecheap support gave me this link to reference.
I have the certificate downloaded but cant seem to find the location to upload or how to validate it.
Ive tried googling but cant find anything and was given this resource
It shows how to download your certificate (.crt file), and the ca certificate (.ca-bundle file) and this one is the right you must add into field SSL Certificate Authority / Intermediate
So i opened the CA-Bundle file and pasted the content. it was 3 separate certificates. (IE -----BEGIN CERTIFICATE----- {content} -----END CERTIFICATE----- 3x)
I get a Error: SSL intermediate chain is not valid error.
I suppose they are including also your certificate in the ca-bundle it should be the first cert in the file, copy the other two or if you want to know which are the three certs included and the order, use this command:
Seems all three are the ca certificates, the first two the intermediates and the last one the root ca. If doesn’t work using all three, use only the first 2 certs.
No combination of all three certs seems to work, all return a Error: SSL intermediate chain is not valid when placed into the SSL Certificate Authority / Intermediate
CRT file:
Issuer C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Not Before xxxxxxxxxxx
Not After xxxxxxxxxxxx 2025
Subject CN=domain.url
DNS domain.url, DNS:www.domain.url
I see no problem. The ca-bundle contains the chain you need to verify the certificate, indeed with only the first 2 it should work because the last one should be already in the cert store of the client computer or browser.
I would copy the certs and will paste it to an editor without format and then I’ll copy them again and paste in the right fields to avoid wrong dashes.
Im new to webhosting outside of cpanel so this is my first time doing this more manually. the main issue of getting a security warning goes away now when going to the domain via incognito. So no warning pops up when a user would visit.
but upon looking at the domain using https://decoder.link/sslchecker/ I do see that it is not using the certificate generated by Namecheap.
It is ok to use Let’s Encrypt certificates, is there any reason you want to pay for a certificate?
Anyways, you could try to update the cert from command line, create a dir (for example /tmp/cert/) where you will copy the certificate, the key and the ca-bundle and the files must have this format (I’ll use example.com as the domain):
example.com.crt
example.com.key
example.com.ca
Then execute this command (replace fortune by your actual Hestia user):