Certbot https works only on www-less domain

mightyxu · April 22, 2020, 10:43pm

My domain is: clean.ml

My web server is (include version): Apache/2.4.38 (Debian)

The operating system my web server runs on is (include version): debian 10

My hosting provider, if applicable, is: gcp compute engine

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ssh web console

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

When i ran the bot i put only “clean.ml” as domain, but i want it to work on “www.clean.ml” as well.
How do i achieve that?

Im using cloudflare as DNS with:
A record to clean.ml pointing to my servers IP
A record to www.clean.ml pointing to my servers IP
and SSL encryption Full (strict) mode

vsnt · April 22, 2020, 11:03pm

Hey Mightyxu,

I had the same problem as you before. What I did was I re-ran Certbot and selected expand existing certificates. That way, the certificate I had for the non-www domain was expanded to cover the www subdomain.

Then you can use the Bot to deploy the certificate onto the web server configuration.

I did all of this from the command line, so not sure if it’s the same for you.

I hope this helps!

mightyxu · April 22, 2020, 11:12pm

Hey vsnt,

I ran Certbot again via command line trying this command

sudo certbot certonly --apache

And got this reply, which gives me only 1 choise, the www-less domain that already works.

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: clean.ml
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):

mnordhoff · April 22, 2020, 11:15pm

Is there a virtual host in Apache with www.clean.ml in the ServerName or ServerAlias?

mightyxu · April 22, 2020, 11:17pm

Any idea how to check that? Sorry I’m kinda new to VM Linux.
It’s a new server that i put up today, i did not intentionally configure a virtual host in apache.
Does Certbot auto-configure that as well?

Found this running
sudo apache2ctl -S

VirtualHost configuration:
*:443 clean.ml (url) info edited out
*:80 clean-server.us(url) info edited out

From *:80 config file
RewriteCond %{SERVER_NAME} =clean.ml
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Tried running: “sudo certbot --apache -d clean.ml -d www.clean.ml” and got:

We were unable to find a vhost with a ServerName or Address of www.clean.ml.
Which virtual host would you like to choose?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: 000-default-le-ssl.conf        | clean.ml              | HTTPS | Enabled
2: 000-default.conf               |                       |       | Enabled
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Do i need to have virtual host in Apache for www.clean.ml for this to work?

system · May 22, 2020, 11:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.