Okay so as guided by @pfg last time, this time I’ve created separate conf file for my domain, at conf.d
Then, executed ./certbot-auto
selected www version of domain from 2 options aka., www-version of the domain and non-www one… then entered email, support@oldskoolgaming.tk then choosed allow both http and https version ! Now done it without any errors for the very first time ! Hurray !
It looks like you’re setting a self-signed certificate somewhere in your config (this might have been generated automatically when you installed mod_ssl or something like that).
Try running grep -r "SSLCertificateFile" /etc/httpd and check if there are any certificate files you don’t recognize (i.e. that don’t belong to certbot), and get rid of those directives. If you need help with that, please post the entire file where you’ve found this directive.
Okay So As Much as I know, The certificate have to be issued by 'Lets Encrypt' not 'oldskoolgaming' and Issued to as 'www.oldskoolgaming.tk', Isn't it ?!
/etc/httpd/conf.d/oldskoolgaming.tk-le-ssl.conf:SSLCertificateFile /etc/letsencr ypt/live/www.oldskoolgaming.tk/cert.pem /etc/httpd/conf.d/ssl.conf:# Point SSLCertificateFile at a PEM encoded certifica te. If /etc/httpd/conf.d/ssl.conf:SSLCertificateFile /etc/pki/tls/certs/localhost.crt /etc/httpd/conf.d/ssl.conf:# the referenced file can be the same as SSLCertifi cateFile
Help Me Out Brother !~
/etc/httpd/conf.d/ssl.conf is the problematic file, /etc/pki/tls/certs/localhost.crt is the path to that self-signed certificate you’re seeing in the browser.
Can you post the contents of both /etc/httpd/conf.d/oldskoolgaming.tk-le-ssl.conf and /etc/httpd/conf.d/ssl.conf?
Your /etc/httpd/conf.d/oldskoolgaming.tk-le-ssl.conf looks very odd. This VirtualHost should be for port 443 (HTTPS). Was this created by certbot's apache plugin, or did you manually create or modify this file?
Either way, changing everything in that file to port 443 (instead of port 80) should be a good start. I'm not seeing any <VirtualHost> tags either, are those missing or did they get lost because of the formatting here? (to paste code that spans multiple lines, put it between three backticks, i.e.:
I've completely used cert-bot and haven't done any kinda changes, well, for one more step confirmation, I'll be emailing you and 'OSG* Initial Website Setup' txt file - which will contain the codes to install the website in any VPS, which is running CentOS 6.8 - Specially for DigitalOcean Droplets..
*OSG Stands For Old Skool Gaming - My Website name (Short Form)
I'll do it after ending my reply and then will be posting the result shortly.
Umm, Well, Maybe.. Let me take a Screen Shot and Upload here on my next reply..
So Yeah @pfg you were correct…
Here’s the screenshot, and are present on their location…
Okay So Change The Name Virtual host to 443, saved the file then executed service httpd restart
Nothing happened ! Well for an healthy note.,
Here’s a message stating Server could not reliably determine it’s fully qualified domain., As much as I’ve experience in linux, this can’t be the problem, but maybe !
Let’s try removing all lines between (and including) <VirtualHost _default_:443> and </VirtualHost> in /etc/httpd/conf.d/ssl.conf. Not sure why apache is using that vhost to serve your domain, but it looks like that’s what’s happening.
Okay @pfg so as you guided me I’ve removed all lines between (and including) <VirtualHost _default_:443> and </VirtualHost> in /etc/httpd/conf.d/ssl.conf
Then Saved it, and executed the cmd service httpd restart
I’ve got an warning, Here’s the screenshot of it…
Hmm, this sounds familiar. Can you try removing the <IfModule mod_ssl.c> (and the corresponding closing tag) from /etc/httpd/conf.d/oldskoolgaming.tk-le-ssl.conf? I think I’ve seen a similar problem where it was due to apache processing the config that enables mod_ssl after it encounters the config with that IfModule, and so doesn’t evaluate that vhost at all.
Okay ! Good News,
Removed those 2 tags, u told to… executed an httpd restart ! And bingo
I can access both www version and non www version from https version ! hell yeah !
I guess we’ve encountered kinda same problem last time, isn’t it ?!