Certificate creation works ok with domain name but gives handshake failure when adding "www" to it

The HTTP server block shown is not the one now in use:

 curl -Iki jkl7-company.taskcontrol.net
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Jul 2021 12:57:33 GMT
Server: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1
Location: https://jkl7-company.taskcontrol.net/

Where is HTTP being redirected to HTTPS?

I suppose it is done directly from CF because I don't see any valid redirect in the taskcontrol-le-ssl.conf file...
anyway erratic behaviour...I generated the cert manually just without "www" and now it is working...
it must work for the FQDN with and without "www" in a stable manner...
still researching....

now, I was able to create a LE certificate for "www" (manually) but Cloudflare can't communicate with the server...yet the FQDN WITHOUT "www" works fine...
I'm wondering what is the meaning of "www" for CF?

well, people, after several hours, I just decided to try "unproxy" both FQDN from Cloudflare..then I issued the certbot as usual...both are working fantastic!!
now the problem is I need it proxied by CF...why is it not working while CF is using proxy for both FQDN?
now if I'm going to ghy6-company.taskcontrol.net (with proxy on in CF) it gives us:

This page isn’t working
ghy6-company.taskcontrol.net redirected you too many times

I need to make all sites as secure as possible...how should I set it in CF? any suggestion? any clue?
Thanks in Advance,...
Robert

1 Like

Welcome to the Let's Encrypt Community, Robert :slightly_smiling_face:

I believe you will find these links extremely valuable:

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca

1 Like

well Griffin, thanks ! and thanks for the links you sent me..
gonna read it and see what should be made to fix this issue...
Will revert then,
Thanks !

2 Likes

every virtual server I create must have its own LE certificate programmatically (bash) generated at virtual server creation time so... just a question, syntactically speaking, is this line ok?:

sudo certbot -n -m xxx@xxx --agree-tos --apache -d $domain_variable1@taskcontrol.net -d www.$domain_variable1@taskcontrol.net

because it is still saying: TLS handshake failure... in /var/log/letsencrypt/letsencrypt.log

thanks!

1 Like

Please show the complete error message.

1 Like

I'm sorta moved by..

CONGRATULATION. Everything seems to be fine.

http://taskcontrol.net
301 Moved Permanently
https://taskcontrol.net/
403 Forbidden

2 Likes

Here it goes again, command issued and the output in attached images....
still can't understand why a few weeks ago it was working perfectly and now it doesn't
...any suggestions or any clues really appreciated...
Thanks in Advance
Robert

1 Like

It is difficult for us to troubleshoot a problem when a CDN is involved.

Your site is behind CloudFlare.
More than likely, you need to set your CloudFlare settings in a way that allows for what you expect.
I'm not a CloudFlare expert - but I would start there.
At a bare minimum you need to understand that certbot doesn't know that your site is behind a CDN.
A CDN that is catching HTTP, redirecting HTTP to HTTPS, catching the HTTPS requests and handling them as you chose. And even if that choice was correct, the first request that your system will receive may be HTTPS and not what has been accounted for.

2 Likes
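An added example, not part of any post in this thread: a shell helper for the "redirected you too many times" symptom reported above. It reads the header dump from `curl -sI -L` and reports whether the redirect chain loops, so the same check can be run with the CDN proxy on and off. The function names and `host.example` are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies the header dump printed by
#   curl -sI -L --max-redirs 10 http://HOST/
# as "ok", "loop" or "error".

# redirect_verdict: reads concatenated response header blocks on stdin.
redirect_verdict() {
  awk '
    { sub(/\r$/, "") }                      # curl keeps CRLF line endings
    /^HTTP\// { status = $2; next }         # status line starts a new response
    tolower($1) == "location:" {
      if (status ~ /^30[12378]$/) {
        hops++
        if (seen[$2]++) loop = 1            # same target twice = redirect loop
      }
      next
    }
    END {
      if (loop)               print "loop after " (hops + 0) " redirects"
      else if (status ~ /^2/) print "ok after " (hops + 0) " redirects"
      else                    print "error: final status " status
    }'
}

# Constructed sample: the HTTPS URL keeps redirecting to itself.
sample_loop() {
  printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://host.example/\r\n\r\n'
  printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://host.example/\r\n\r\n'
  printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://host.example/\r\n\r\n'
}

# Constructed sample: one HTTP-to-HTTPS redirect, then a normal page.
sample_ok() {
  printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://host.example/\r\n\r\n'
  printf 'HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n'
}

# Live use: sh check.sh HOSTNAME  (does nothing when no argument is given)
if [ -n "${1:-}" ]; then
  curl -sI -L --max-redirs 10 "http://$1/" | redirect_verdict
fi
```

A "loop" verdict with the proxy on and "ok" with it off means the CDN and the origin each issue a redirect the other does not expect.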

Sorry guys, still issues with our Cloud Provider so I was not able to try the LE generation code...
will revert ASAP and post the resolution here just in case may help someone else..
Thanks!

2 Likes
