Certbot installed but https still not working

Help
#1

My domain is: tvaluer.com

I added certbot and the certificate was installed for both www and without

My web server is: apache on ubuntu18.04 and certbot 0.27.0

tvaluer.conf:

<VirtualHost *:80>

    ServerAdmin webmaster@localhost

    ServerName tvaluer.com

    ServerAlias www.tvaluer.com

    DocumentRoot /var/www/html

    <Directory /var/www/html>

        Options FollowSymLinks

        AllowOverride All

        Require all granted

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

tvaluer-ssl.conf :

> <VirtualHost *:443>
> 
>     ServerAdmin webmaster@localhost
> 
>     ServerName tvaluer.com
> 
>     ServerAlias www.tvaluer.com
> 
>     DocumentRoot /var/www/html
> 
>     <Directory /var/www/html>
> 
>         Options FollowSymLinks
> 
>         AllowOverride All
> 
>         Require all granted
> 
>     </Directory>
> 
>     ErrorLog ${APACHE_LOG_DIR}/error.log
> 
>     CustomLog ${APACHE_LOG_DIR}/access.log combined
> 
> SSLCertificateFile /etc/letsencrypt/live/tvaluer.com/fullchain.pem
> 
> SSLCertificateKeyFile /etc/letsencrypt/live/tvaluer.com/privkey.pem
> 
> Include /etc/letsencrypt/options-ssl-apache.conf
> 
> </VirtualHost>

I enabled ssl_mod and restarted apache for a million times, but still no luck... any ideas?

1 Like
#2

Welcome to the Let's Encrypt Community, Alex :slightly_smiling_face:

  1. Add SSLEngine on as the top line in your port 443 VirtualHost
  2. Replace the DocumentRoot line in your port 80 VirtualHost with Redirect / https://www.tvaluer.com/
  3. Restart apache
1 Like
#3

Hi @alex2323

what says

apachectl -S
1 Like
#4

Hello and thank you for the welcome.

  1. Added SSLEngine on, no change
  2. apachectl - S :
    image
    image809×417 17.1 KB

In the meantime added api. subdomain, never mind that for now

1 Like
#5

It doesn't look like the port 443 VirtualHost is enabled.

1 Like
#6

There is no port 443 vHost.

So your config file isn't used.

> is a comment, remove these. Then check, if the config file is enabled.

1 Like
#7

This is my apache2/ports.conf, should i change this or add port 443 somewhere else?

image

1 Like
#8

You can remove the SSLEngine on line I had you add. It should already be included as the top line of /etc/letsencrypt/options-ssl-apache.conf.

1 Like
#9

Removed SSLEngine on, this is tvaluer-ssl.conf now:
image

1 Like
#10

Just uncomment all the lines of
tvaluer-ssl.conf by removing the ">" as @JuergenAuer mentioned.

1 Like
#11

That was just a bad copy/paste, no '>' in there... Screenshot above, still the same...

1 Like
#12

sudo a2ensite tvaluer-ssl

1 Like
#13

sudo a2ensite tvaluer-ssl
Site tvaluer-ssl does not exist

1 Like
#14

What contains /etc/apache2/sites-available/ ?

2 Likes
#15

Omg, the certificate was named tvaluer.com-ssl instead of tvaluer-ssl :S How is that possible? After i renamed it and restarted apache, it works !!!

On the other hand, my subdomain api.tvaluer.com is now not loading, but i guess that is a different problem. Do you think it is related? If not, then this is solved.

1 Like
#16

Ah, and the main domain is now not loading also... stuck in loading to be exact... sh*t

1 Like
#17

What says apachectl -S now?

1 Like
#18

So the situation is like this: http is not working, https is, i will just put redirect to https then?

But on the other hand, the subdomain api is redirecting to the main folder.. tvaluer-ssl.conf:

image
image607×649 19.3 KB

Do i need a new certificate for that subdomain? apachectl -S says 443 on tvaluer.com and 80 on tvaluer.com and api.

1 Like
#19

Did you rename the tvaluer-ssl.conf in sites-available or sites-enabled?

1 Like
#20

sites-available. Both folder contain the correct names now

1 Like