Cannot connect via http after running certbot for apache


#1

Hope someone can help me here…

I have a raspberry pi running Apache. I have two domain names pointing to the IP address of the box. I ran certbot to configure one of the domain names for https - chose the Easy option so I could connect to both http and https (I figured I could change this manually later on).

After running I can now connect to https. But I can’t connect to http - browser just times out. Nothing in apache’s access.log or error.log.

Weird thing is, the other domain name (connecting to the same box, same apache config, etc.) still works for http - so I’m thinking it can’t be a firewall problem.

Can’t see anything in apache config files that would make it behave in this way. As an experiment I tried removing the ssl config from sites-available - but that just stopped https working and still http didn’t work.

I’m clearly missing something here but can’t for the life of me figure out what it is.


#2

Have you setup a redirect for the port 80 site to redirect to port 443 ?? What’s your domain name ??

Your Apache vhost conf file should look something like this.

<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/mysite/
ServerName mysite.com
ServerAlias www.mysite.com
ErrorLog ${APACHE_LOG_DIR}/mysite-error.log
CustomLog ${APACHE_LOG_DIR}/mysite-access.log
<Directory "/var/www/mysite/">
Options +Includes
Options +FollowSymLinks -Indexes
....... OTHER STUFF HERE
</Directory>
SSLCertificateFile /etc/letsencrypt/live/mysite.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/mysite.com/chain.pem
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerName mysite.com
ServerAlias www.mysite.com
ErrorLog ${APACHE_LOG_DIR}/mysite-error.log
CustomLog ${APACHE_LOG_DIR}/mysite-access.log
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)$ [NC]
        RewriteRule (.*) https://mysite.com%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

#3

Sorted! Thanks very much. The bit that I was missing was the VirtualHost *:80 at the bottom. I was expecting the old hosts file that had this bit in to still work. Once I added it to the new one that certbot created, it worked.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.