Hacker News

I find it kind of odd that there is no canonical, "POSIX" location for a TLS host certificate. In lower parts of Web3/CSS/TLS/TCP/IP, there is /etc/resolv.conf, /var/log/messages, /etc/ssh/ssh_host_rsa_key, and so on and so forth, but not an "/etc/hostname.pub" that Apache and nginx from an ideal parallel world both look up by default, or DHCP Option 666 "local certificate issuer IP address". I was just bored enough to watch someone set up Solaris on QEMU, and that makes me think that, had SUNW existed today, that's definitely how they would have done it.

But no, it's in whatever path is specified in /etc/apache2/sites-enabled/virtualhost12345.conf, which can be /etc/letsencrypt/whatever/subdirectory/hostname.pem or /usr/ssl/certs/dynamic_file_name.cer, and in many other cases it's whatever `docker exec stout_kaltsit cat /ssl-cert-private.key` yields. No one even agrees on whether it sits in /etc or /usr or /var or somewhere mapped deep down.

The whole of TLS is just a hindrance that throws errors that need to be hastily cleared when encountered, because the Web server stack is a bunch of afterthoughts, and that's what is showing.


