Domain Name Change & SSL Errors?

rileyodonnell · April 1, 2021, 3:35am

root@wordpress-ubuntu-s-1vcpu-1gb-nyc1-01:/etc/apache2/sites-available# cat /etc/apache2/sites-available/000-default.conf
# Added to mitigate CVE-2017-8295 vulnerability
UseCanonicalName On

<VirtualHost *:80>
        ServerAdmin webmaster@localhost

        ServerName silverstreamsynergy.com
        ServerAlias www.silverstreamsynergy.com

        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =silverstreamsynergy.com [OR]
RewriteCond %{SERVER_NAME} =www.silverstreamsynergy.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
root@wordpress-ubuntu-s-1vcpu-1gb-nyc1-01:/etc/apache2/sites-available# cat /etc/apache2/sites-available/000-default-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost

        ServerName silverstreamsynergy.com
        ServerAlias www.silverstreamsynergy.com

        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.

# RewriteCond %{SERVER_NAME} =silverstreamsynergy.com [OR]
# RewriteCond %{SERVER_NAME} =www.silverstreamsynergy.com
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias gro-usa.com
ServerAlias www.gro-usa.com
SSLCertificateFile /etc/letsencrypt/live/gro-usa.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gro-usa.com-0001/privkey.pem
</VirtualHost>
</IfModule>
root@wordpress-ubuntu-s-1vcpu-1gb-nyc1-01:/etc/apache2/sites-available#

Contents of

/etc/apache2/sites-available/000-default.conf

and

/etc/apache2/sites-available/000-default-le-ssl.conf

griffin · April 1, 2021, 8:23am

Baby steps...

If anything goes wrong in this process, please stop and let us know.

First, put the following into /etc/apache2/sites-available/gro-usa.com.conf

# Added to mitigate CVE-2017-8295 vulnerability
UseCanonicalName On

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName gro-usa.com
        ServerAlias www.gro-usa.com

        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Second, enable the new site

sudo a2ensite gro-usa.com.conf

Third, reload apache (note that you won't have https after this point yet):

sudo apachectl -k graceful

Fourth, install the correct certificate

sudo certbot --cert-name gro-usa.com --apache -d "gro-usa.com,www.gro-usa.com" --keep

You might need to reload apache again per the previous instruction.

Fifth, delete the unneeded certificate

sudo certbot delete --cert-name www.gro-usa.com

rileyodonnell · April 1, 2021, 5:56pm

I do not have a /etc/apache2/sites-available/gro-usa.com.conf file so I just created it using nano and pasted the contents you told me into it.

After I run sudo a2ensite gro-usa.com.conf it tells me To activate the new configuration, you need to run: system reload apache2 (shown in terminal above). I ran up to the sudo apachectl -k graceful line but it gave me an error (shown in terminal above).

griffin · April 1, 2021, 6:18pm

That error is normal. I know how weird that sounds.

rileyodonnell · April 1, 2021, 6:18pm

Ok, I will run the rest.

rileyodonnell · April 1, 2021, 6:22pm

Wow, everything works now. I can't thank you enough, you have been a godsend. I am utmost grateful and appreciative. If you have a venmo I would like to tip you.

Could you maybe explain what was going wrong here? Or atleast how you knew the problem? I would love to know if you can. Thanks!

griffin · April 1, 2021, 6:25pm

Thanks much!

All your redirects are looking great now too!

I sent you a PM.

You had the wrong server name in your configuration.

rileyodonnell · April 1, 2021, 6:27pm

Thanks again. You've alleviated a lot of stress. I appreciate everything.

griffin · April 1, 2021, 6:27pm

You're quite welcome!

Osiris · April 2, 2021, 5:58am

Well, it's actually a warning. And I don't think it's normal. However, it doesn't have to be a problem.

griffin · April 2, 2021, 6:53am

I've seen that warning in almost every apache-related topic with which I've been involved. It's completely expected when there's no globally-declared server name. Never seen it to be a problem, but I admit that I'm unaware of any potential issues it might cause.

system · May 2, 2021, 6:53am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.