"Enhancement redirect was already set." but not actually working

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: huhohi.com

I ran this command:
First time I ran it only with main domain: sudo certbot --apache -d huhohi.com
Created renewal and etc. Then added subdomains running command again:
sudo certbot --apache -d huhohi.com -d www.huhohi.com -d hogas.huhohi.com -d www.hogas.huhohi.com

It produced this output: (after the second command)
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you’re confident your site works on HTTPS. You can undo this
change by editing your web server’s configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Enhancement redirect was already set.
Enhancement redirect was already set.
Enhancement redirect was already set.
Enhancement redirect was already set.

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu Linux 14.04.5

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Webmin 1.900

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

So looks like the first time I did it (for huhohi.com) the redirection was applied and works. But the second time I did it, redirection did not apply to subdomains and etc. Loading directly HTTPS everything shows up correctly, with a valid certificate.

I read somewhere that this might be due to the renewal I got setup? But I am not sure.

Hi @Kami-sama

there is a check of your domain, ~~ one hour old - https://check-your-website.server-daten.de/?q=huhohi.com

There is only one redirect:

Domainname Http-Status redirect Sec. G
http://huhohi.com/ 301 https://huhohi.com/ 0.067 A
http://www.huhohi.com/ 200 0.633 H
https://huhohi.com/ 200 1.180 I
https://www.huhohi.com/ 200 0.876 I

http + non-www --> https + non-www.

So check yor webmin to see how to add the other redirects http + www -> https + www and non-preferred https -> preferred https.

But: If you use Webmin, I don't know if it is a good idea to install and use Certbot. Normally, such interfaces shouldn't be mixed with Certbot.

Your hogas ( https://check-your-website.server-daten.de/?q=hogas.huhohi.com )

Domainname Http-Status redirect Sec. G
http://hogas.huhohi.com/ 200 0.650 H
http://www.hogas.huhohi.com/ 200 0.540 H
https://hogas.huhohi.com/ 200 0.933 B
https://www.hogas.huhohi.com/ 200 1.436 B

doesn't have any redirects.

The certificate is good

expires in 89 days	
hogas.huhohi.com, huhohi.com, 
www.hogas.huhohi.com, www.huhohi.com - 4 entries

don't create a new.


Well the terminal shows that redirection is enabled, yet as you can see it is not. That is why I was thinking maybe the renewal thing might be causing this.

In Webmin itself I did not find where redirection is enabled. Looking at Apache config files now. Looks like rewrite is there, so might try to mess with it.

UPDATE: resolved by adding this to apache conf file:
<VirtualHost *:80>
ServerName www.huhohi.com
Redirect / https://www.huhohi.com

<VirtualHost *:80>
ServerName www.hogas.huhohi.com
Redirect / https://www.hogas.huhohi.com

<VirtualHost *:80>
ServerName hogas.huhohi.com
Redirect / https://hogas.huhohi.com

NOTE: do not forget to restart Apache, my ultimate bane


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.