Certbot installed correctly but can't access the site

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
makeouthill.xyz

I ran this command:

It produced this output:

My web server is (include version):
Apache2

The operating system my web server runs on is (include version):
Raspbian (buster)

My hosting provider, if applicable, is:
namecheap

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

I have run the certbot commands to create an ssl certificate and it shows up successful. When I do a dry run it also shows up with no problems but when I do ssl test online it says there is no certificate and the website fails to load on https. I made sure all the directories for ssl files in my makeouthill.xyz.conf are correct but still it doesn’t work.

1 Like

For me, port 80 (the HTTP port) is running HTTPS, and port 443 (the HTTPS port) times out.

It seems like your web server is misconfigured to run HTTPS on the HTTP port, or there is a port forwarding misconfiguration directing port 443 to port 80, and port 443 may be blocked by a firewall or something.

Can you double check that the Apache configuration is correct?

What does “sudo apachectl -t -D DUMP_VHOSTS” show?

Are you sure that your ISP does not block port 443, and that your firewall and port forwarding settings are all correct?

2 Likes

Hi @dylanneve1

checking your domain there are some errors - https://check-your-website.server-daten.de/?q=makeouthill.xyz

First, you have created certificates

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-11-26 2020-02-24 makeouthill.xyz, www.makeouthill.xyz - 2 entries duplicate nr. 3
Let's Encrypt Authority X3 2019-11-26 2020-02-24 makeouthill.xyz, www.makeouthill.xyz - 2 entries duplicate nr. 2
Let's Encrypt Authority X3 2019-11-26 2020-02-24 www.makeouthill.xyz - 1 entries duplicate nr. 1
Let's Encrypt Authority X3 2019-11-26 2020-02-24 makeouthill.xyz, www.makeouthill.xyz - 2 entries duplicate nr. 1
Let's Encrypt Authority X3 2019-11-26 2020-02-24 makeouthill.xyz - 1 entries duplicate nr. 1

But your configuration is wrong - https over port 80:

Domainname Http-Status redirect Sec. G
http://makeouthill.xyz/
46.7.192.25 400 Html is minified: 100,23 % 0.127 M
Bad Request
http://www.makeouthill.xyz/
46.7.192.25 400 Html is minified: 100,23 % 0.123 M
Bad Request
https://makeouthill.xyz/
46.7.192.25 -14 10.057 T
Timeout - The operation has timed out
https://www.makeouthill.xyz/
46.7.192.25 -14 10.037 T
Timeout - The operation has timed out
https://makeouthill.xyz:80/
46.7.192.25 301 https://makeouthill.xyz/
Html is minified: 100,00 % 3.300 Q
Visible Content: Moved Permanently The document has moved here . Apache/2.4.38 (Raspbian) Server at makeouthill.xyz Port 443
https://www.makeouthill.xyz:80/
46.7.192.25 301 https://www.makeouthill.xyz/
Html is minified: 100,00 % 2.990 Q
Visible Content: Moved Permanently The document has moved here . Apache/2.4.38 (Raspbian) Server at www.makeouthill.xyz Port 443

http / port 80 doesn't work, but there is a typical error message, so the tool checks, if https over port 80 works.

And voilà, there is a working https port 80 with a correct certificate.

Looks like you have a wrong port forwarding

extern port 443 -> intern port 80

Or your vHost config is wrong.

What says

apachectl -S
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.