Certificate does not work without https:// prefix url

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://www.neasy.de

I ran this command:

git clone https://github.com/certbot/certbot
cd certbot
./certbot-auto certonly -a standalone -d neasy.de -d www.neasy.de
cd /etc/letsencrypt/live/neasy.de
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.31.0

4 month ago i first used letsencrypt and I was success to use it. I learned I have to generate certificate
with and without www. prefix and it is important. My company has changed the domain mane from neasy.app to neasy.de and for that I deleted my old certificate and generate new one for neasy.de

Now i am in a new trouble that if i write in my browser neasy.de it does not work even if i write www.neasy.de it does not work. But for at least once time if I write https://neasy.de or https://www.neasy.de it works, and for the next time i dont need to write https:// prefix.

This issue really seems weired to me :frowning: any help will be appreciated please :frowning:

Another information I forgot to share, If you want to test it you can open browser private window and then try hitting only neasy.de

http:// requires port 80.
Port 80 is denied [connection refused] to both IPs:

Name:    neasy.de
Addresses:  2a01:4f8:a0:6186::2
          85.10.196.89

Name:    www.neasy.de
Addresses:  2a01:4f8:a0:6186::2
          85.10.196.89

curl -4 http://neasy.de/
curl: (7) Failed to connect to neasy.de port 80: Connection refused

curl -6 http://neasy.de/
curl: (7) Failed to connect to neasy.de port 80: Connection refused

Dear i run my springboot project in 443 port for https am I right? because for last 4 month it was working running in 443 port

server.port: 443
server.ssl.key-store: /etc/letsencrypt/live/neasy.de/keystore.p12
server.ssl.enabled=true
server.ssl.key-store-password: mypassword
server.ssl.keyStoreType: PKCS12
server.ssl.keyAlias: tomcat

is it should my configuration for spring boot

All that is ok.
[for TLS only]

For HTTP, you would need to allow port 80 and place a redirection there to TLS (port 443).

You might not have noticed this before because you might have been using a browser that was automatically going to HTTPS instead of HTTP for various reasons without the protocol scheme. But most browsers don’t do that, at least not the first time they contact a site. As @rg305 mentioned, if you want to be able to access the site without the protocol scheme, just by typing the site name, you’ll need to have it support HTTP on port 80, even if only to send an immediate HTTP 301 redirect to the HTTPS version of the same service.

1 Like

Can you please tell me how can i give 80 port support to my spring boot project

Most users on this community know ample of Apache and nginx, but I think spring boot isn’t very common among the regular users.

Of course we can run a few Google Searches, but I would ask you to try and Google yourself first, as this isn’t really directly related to Let’s Encrypt.

Also, you’ve made references to tomcat in the posts above. Perhaps it’s more a Tomcat issue, but without understanding your exact set up, we’re in the dark…

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.