Hi, a week ago I noticed a problem with my website. It returned 403 error for all requests or 404 not found. This problem occurred after migrating to Cloudflare. I didn’t recognized what could cause this problem then and solved it by disabling Cloudflare for a while.
Now I’ve got the same problem. I’ve just recognized that I set a crontab task to renew my certificate every Monday.
It looks as follows
30 2 * * 1 /usr/bin/certbot renew >> /var/log/le-renew.log
I am getting the following errors in the ssl_error_log file
[Mon Jun 05 05:56:49.730824 2017] [autoindex:error] [pid 2303] [client 18.104.22.168:9264] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php,index.php) found, and server-generated directory index forbidden by Options directive
I’ve found a lot of similar topics, but still have no luck with setting it up correctly.
I have tried
webroot challenge instead. Like that
letsencrypt certonly --webroot --webroot-path /var/www/mysite.net/public_html/ --renew-by-default --email email@example.com --text --agree-tos -d mysite.net -d www.mysite.net
And got the following output
IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/mysite.net/fullchain.pem. Your cert will expire on 2017-09-03. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew"
But I still get the same error.
I have the following virtual host configuration
<IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin firstname.lastname@example.org ServerName mysite.net ServerAlias www.mysite.net DocumentRoot /var/www/mysite.net/public_html ErrorLog /var/www/mysite.net/logs/error.log CustomLog /var/www/mysite.net/logs/requests.log combined SSLCertificateFile /etc/letsencrypt/live/mysite.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mysite.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> </IfModule>
So all in all. Please help to solve this problem and suggest steps to follow in order to
- Get rid of old configuration (if necessary)
- Setup valid configuration for issuing certificates for the case of using cloudflare
- Setup certificates auto renewal
I would be grateful for any help.