Creating new certificate worked, but https isn't accessible

Hi

I followed this guide https://certbot.eff.org/lets-encrypt/ubuntubionic-apache to install new certificate for my website https://www.ppbo.ws because my certificate was expired.

The installation was a success, but i still get the privacy error, although, the expiration date as changed and is now not expired.

here’s my ssl.conf:
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

ServerName ppbo.ws
DocumentRoot /var/www/html

SSLEngine on

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/ppbo.ws/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/ppbo.ws/privkey.pem

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

using apache2 with ubuntu 18.04

I’ve looked through this section multiple similar subject, tried to restart apache2 didn’t worked.
If you have suggestion please do,
Thank you!

2 Likes

Hi @ocrean

that’s simple, see your check, ~~40 minutes old - https://check-your-website.server-daten.de/?q=ppbo.ws

Your certificate

CN=ppbo.ws
	26.06.2020
	24.09.2020
expires in 90 days	ppbo.ws - 1 entry

has only the non-www domain name, but you have a redirect to your www version.

So that’s insecure.

Create one certificate with both domain names and use that.

3 Likes

Hi,

Thank you for your time!

I tried to put a ServerAlias www.ppbo.ws but it didn’t work

When I run the commands from certbot they ask me to choose from a list and www.ppbo.ws is not there, only ppbo.ws.

How can I make one for both?

Edit: nevermind, it has appeared somehow, or I’m blind, either way, it’s working! Thank you!

2 Likes

Use

apachectl -S

to find your defined and used vHosts.

Easiest solution: One port 80 vHost with non-www and www, then Certbot can use that vHost as template to create the port 443 vHost.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.