Apache not loading directory index unless i add the directory file name after .com like https://walkershire.net/walkershire

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: walkershire.net

I ran this command: https://walkershire.net/

It produced this output: It Works!!! BUT if I run Walkershire it works

My web server is (include version):Apache 2.4

The operating system my web server runs on is (include version): MacOS Monterey 12.4

My hosting provider, if applicable, is:my company

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):1.28.0

Hi @CaptainBill, and welcome to the LE community forum :slight_smile:

Let's have a look at:
apachectl -t -D DUMP_VHOSTS


sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server envirotemps.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:30)
         port 80 namevhost envirotemps.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:30)
                 alias www.envirotemps.com
         port 80 namevhost Hi-Tech.Rent (/usr/local/etc/httpd/extra/httpd-vhosts.conf:58)
                 alias www.Hi-Tech.Rent
         port 80 namevhost D7036.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:85)
                 alias www.D7036.com
         port 80 namevhost walkershire.net (/usr/local/etc/httpd/extra/httpd-vhosts.conf:110)
                 alias www.walkershire.net
         port 80 namevhost Hi-TechRent.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:136)
                 alias www.Hi-TechRent.com
         port 80 namevhost beyond.cleanair.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:163)
                 alias www.beyond.cleanair.com
         port 80 namevhost www.remiwalker.com (/usr/local/etc/httpd/extra/httpd-vhosts.conf:221)
                 alias remiwalker.com
         port 80 namevhost (/usr/local/etc/httpd/extra/httpd-vhosts.conf:276)
         port 80 namevhost localhost (/usr/local/etc/httpd/extra/httpd-vhosts.conf:322)
*:443                  localhost (/usr/local/etc/httpd/extra/httpd-ssl.conf:121)

I see "the problem".

The names are only individualized within the HTTP server blocks.
There is only one HTTPS server block [and it serves all the sites from a root to all of them].
That means:
http://envirotemps.com works
https://envirotemps.com fails
http://Hi-Tech.Rent works
https://Hi-Tech.Rent fails

You will need to make individualized HTTPS server blocks [one for each of the names].
So that each name can be pointed to the corresponding DocumentRoot.

But the first step is to ensure you have a cert for each of the names.
Let's have a look at:
certbot certificates


I now know that I should have put 2 addresses for my 7 domain using www and naked.

Certificate Name: beyond.cleanair.com
    Serial Number: 3d3e9db206fe62bf70899b19b851f3bc057
    Key Type: RSA
    Domains: beyond.cleanair.com  envirotemps.com 	hi-tech.rent
    Expiry Date: 2022-10-08 22:00:07+00:00 (VALID: 86 days)
    Certificate Path: /usr/local/etc/certbot/certs/live/beyond.cleanair.com/fullchain.pem
    Private Key Path: /usr/local/etc/certbot/certs/live/beyond.cleanair.com/privkey.pem
Certificate Name: d7036.com
    Serial Number: 46bb125150b9cf2503f9268890e5596442c
    Key Type: RSA
    Domains: d7036.com
    Expiry Date: 2022-10-08 22:02:40+00:00 (VALID: 86 days)
    Certificate Path: /usr/local/etc/certbot/certs/live/d7036.com/fullchain.pem
    Private Key Path: /usr/local/etc/certbot/certs/live/d7036.com/privkey.pem
 Certificate Name: envirotemps.com
    Serial Number: 4283fd2a6afb1912baff6432044664b495a
    Key Type: RSA
    Domains: envirotemps.com
    Expiry Date: 2022-10-08 22:01:23+00:00 (VALID: 86 days)
    Certificate Path: /usr/local/etc/certbot/certs/live/envirotemps.com/fullchain.pem
    Private Key Path: /usr/local/etc/certbot/certs/live/envirotemps.com/privkey.pem
 Certificate Name: hi-tech.rent
    Serial Number: 3d96c05fdd61a309685a3b047655380b78b
    Key Type: RSA
    Domains: hi-tech.rent
    Expiry Date: 2022-10-08 22:02:11+00:00 (VALID: 86 days)
    Certificate Path: /usr/local/etc/certbot/certs/live/hi-tech.rent/fullchain.pem
    Private Key Path: /usr/local/etc/certbot/certs/live/hi-tech.rent/privkey.pem
Certificate Name: walkershire.net
    Serial Number: 42a7ccaf0fe3d7f003411a4926318742d6c
    Key Type: RSA
    Domains: walkershire.net beyond.cleanair.com d7036.com envirotemps.com hi-tech.rent
    Expiry Date: 2022-10-08 19:22:19+00:00 (VALID: 86 days)
    Certificate Path: /usr/local/etc/certbot/certs/live/walkershire.net/fullchain.pem
    Private Key Path: /usr/local/etc/certbot/certs/live/walkershire.net/privkey.pem
- - - - - - - - - - - -

For brevity, I will refer to the certs by their order of appearance.

All cert #1 names are covered by cert #5
The cert #2 name is covered by cert #5
The cert #3 name is covered by cert #5
The cert #4 name is covered by cert #5

So, you really only need cert #5.
You can delete the first four certs, with:
certbot delete --cert-name beyond.cleanair.com
certbot delete --cert-name d7036.com
certbot delete --cert-name envirotemps.com
certbot delete --cert-name hi-tech.rent
OR you could go in the completely opposite direction and obtain individualized certs [one per name].
For that, delete the first and last certs and then obtain new ones with only the individual names on them.

That said, none of the certs cover any of the "www" names.
[which is what I think you were referring to]

OK, so required cert(s): :ballot_box_with_check:

Next step: Create HTTPS server blocks for each site/name.


Ok I will delete cert 1 - 4 and keep #5
Then add the all the www in one cert
then 7 days later add the 3 naked I deleted

Do you have a suggestion link on how best to Create the server blocks to list to both ports?

That is a very basic Apache "how to" type question that isn't really part of what we try to cover here.

That said, certbot can take an HTTP server block and make an HTTPS server block from it.
So, you could use certbot to get them all going [at least with a basic config] for you.


Great I will be doing that now and the BEER4 . Thank YOU!!


For your reference:
User Guide — Certbot 1.27.0 documentation (eff-certbot.readthedocs.io)
--installer apache


I temporarily solve my problem by using this in my http-VHosts.config
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^(.*)$ https://walkershire.net/walkershire$1 [R=301,L]

Not elegant but it works for now.

That only works if they type: http://site
If they type: https://site it will still be broken.


Using @rg305 suggestion to check Apache Forums I found the best solution for my problem at ApacheLounge.com posted by Mox on June 26, 2022.

With some enhancements it is:

<VirtualHost *:80> 
    ServerName Site.com 
    ServerAlias www.Site.com 
    DocumentRoot /var/www/Site.com 
    Redirect / https://www.Site.com/ 

<VirtualHost *:443> 
    ServerAdmin admin@Site.com 
    ServerName Site.com 
    ServerAlias www.Site.com 
    DocumentRoot /var/www/Site.com 
    SSLEngine on 
    SSLCertificateKeyFile /usr/local/etc/certbot/certs/live/site_com/privkey.pem
    SSLCertificateFile    /usr/local/etc/certbot/certs/live/site_com/cert.pem
    SSLCertificateChainFile     /usr/local/etc/certbot/certs/live/site_com/fullchain.pem

#  etc for errors index options ...etc


All works now!

1 Like

Not quite :slight_smile:

This is causing your server to send duplicate leaf certs

Replace cert.pem with with fullchain.pem and remove the line for SSLCertificateChainFile. This latter option was deprecated long ago and is only used in very peculiar cases. So, should be:

SSLCertificateKeyFile /usr/local/etc/certbot/certs/live/site_com/privkey.pem
SSLCertificateFile    /usr/local/etc/certbot/certs/live/site_com/fullchain.pem

Thanks for the :beers:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.