Ok, today I was greeted to my website not loading https, the certificates are expired.
Heres what happens when I run certbot --update on my apache2 server
certbot --update
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
1: squidblacklist.org
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):1
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for squidblacklist.org
/usr/lib/python2.7/dist-packages/OpenSSL/rand.py:58: UserWarning: implicit cast from 'char *' to a different pointer type: will be forbidden in the future (check that the types are as you expect; use an explicit ffi.cast() if they are correct)
result_code = _lib.RAND_bytes(result_buffer, num_bytes)
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. squidblacklist.org (tls-sni-01): urn:acme:error:malformed :: The request message was malformed :: Server only speaks HTTP, not TLSIMPORTANT NOTES:
The following errors were reported by the server:
Domain: squidblacklist.org
Type: malformed
Detail: Server only speaks HTTP, not TLSTo fix these errors, please make sure that you did not provide any
invalid information to the client, and try running Certbot again.
Ok hello McFly?!?!?!?
Any help would be greatly appreciated.
[Sat Dec 01 15:52:36.906516 2018] [ssl:warn] [pid 27475] AH01916: Init: (www.squidblacklist.org:443) You configured HTTP(80) on the standard HTTPS(443) port!
That sounds like it would be easy to fix, NOT!
Whats missing from my conf???
Include sites-enabled/
NameVirtualHost 1.2.3.4:80
NameVirtualHost 1.2.3.4:443
<VirtualHost 1.2.3.4:80>
<Directory /var/www/html/>
<VirtualHost 1.2.3.4:443>
<Directory /var/www/html/>
<VirtualHost 1.2.3.4:80>
ServerAdmin webmaster@squidblacklist.org
ServerName www.squidblacklist.org
ServerAlias squidblacklist.org
DocumentRoot /var/www/www.squidblacklist.org/
DirectoryIndex index.html
RewriteEngine on
RewriteCond %{HTTP_HOST} ^squidblacklist.org
RewriteRule ^(.*)$ http://www.squidblacklist.org$1 [R=permanent,L]
<Directory /var/www/www.squidblacklist.org/>
AuthType None
Options FollowSymLinks
AllowOverride All
CustomLog /var/log/apache2/www.squidblacklist.org.access.log combined
ErrorLog /var/log/apache2/www.squidblacklist.org.error.log
ServerSignature Off
ErrorDocument 404 /404.html
ErrorDocument 401 /401.html
<Directory /var/www/www.squidblacklist.org/downloads/squidblacklists>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType Basic
AuthName "Members Only"
AuthUserFile /etc/supersecret
Require valid-user
<Directory /var/www/www.squidblacklist.org/downloads/whitelists/>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType None
<Directory /var/www/www.squidblacklist.org/resolved/>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType Basic
AuthName "Members Only"
AuthUserFile /etc/supersecret
Require valid-user
<VirtualHost 1.2.3.4:443>
ServerAdmin webmaster@squidblacklist.org
ServerName www.squidblacklist.org
ServerAlias squidblacklist.org
DocumentRoot /var/www/www.squidblacklist.org/
DirectoryIndex index.html
RewriteEngine on
RewriteCond %{HTTP_HOST} ^squidblacklist.org
RewriteRule ^(.*)$ http://www.squidblacklist.org$1 [R=permanent,L]
<Directory /var/www/www.squidblacklist.org/>
AuthType None
Options FollowSymLinks
AllowOverride All
CustomLog /var/log/apache2/www.squidblacklist.org.access.log combined
ErrorLog /var/log/apache2/www.squidblacklist.org.error.log
ServerSignature Off
ErrorDocument 404 /404.html
ErrorDocument 401 /401.html
<Directory /var/www/www.squidblacklist.org/downloads/squidblacklists>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType Basic
AuthName "Members Only"
AuthUserFile /etc/supersecret
Require valid-user
<Directory /var/www/www.squidblacklist.org/downloads/whitelists/>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType None
<Directory /var/www/www.squidblacklist.org/resolved/>
Options FollowSymLinks
Options +Indexes
AllowOverride None
AuthType Basic
AuthName "Members Only"
AuthUserFile /etc/supersecret
Require valid-user