Stefano,
Thank you for your reply. I know the standard entries for modSSL. Unfortunately, when I installed manually I created a dehydrated-hook script that modified the standard modSSL file. I see that the entrees in /db/configuration/defaults/modSSL are fine. The problem is that on rebooting there is an error in /etc/http.conf/httpd.conf at line 133.
It says that /etc/dehydrated/certs/woodlawnfoundation.org/cert.pem does not exist of is empty and then the webserver fails to load. Since the webserver does not start, it is not accessible and the challenge fails. I need to find what file to change so that config show modSSL reads
modSSL=service
TCPPort=443
access=public
status=enabled
That is what is shown in the WIKI. Somewhere in the templates lines are added to /etc/httpd/conf/httpd.conf that makes it look for these certificate files. If I put in blank files for cert.pem.privkey.pem and chain.pem, the errors go away and the web site comes up. dehydrated -c gives a new error
# INFO: Using main config file /etc/dehydrated/config
Processing woodlawnfoundation.org with alternative names: mail.woodlawnfoundation.org
www.woodlawnfoundation.org + Checking domain name(s) of existing cert...unable to load certificate
140038517884744:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
Not sure how to proceed at this point. A trusted certificate was issued and now is no longer on the machine since I deleted the /etc/dehydrated directory when I began from scratch. I thought I made a backup, but I only backed up the modSSL file. The certicate expires August 1, so maybe when it expires and a trusted certificate no longer exists, the challenge will work.
Any thoughts are appreciated.
Mike