Failed redirect for our domain

Hello,

I’ve used your service on a few servers and they all work great… on the same server with this problem I’ve successfully installed one certificate for another website.

For this specific domain I’m getting the following:

Failed redirect for summergate.org
Unable to set enhancement redirect for summergate.org
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

IMPORTANT NOTES:

  • We were unable to set up enhancement redirect for your server,
    however, we successfully installed your certificate.
  • Congratulations! Your certificate and chain have been saved at:

Means that it did install the certificate yet it won’t do the redirect… I’ve tried everything to make it work but eventually I get to the point where it literally tells me that there’s no certificate for this domain.

Please help!
Thanks.

Hi @fileyapp

I don't know why Certbot produces this error.

But checking your domain it's good, Certbot doesn't create a redirect (via https://check-your-website.server-daten.de/?q=summergate.org ):

Domainname Http-Status redirect Sec. G
http://summergate.org/
104.239.140.12 301 https://summergate.org/ 0.250 A
http://www.summergate.org/
104.239.140.12 200 0.690 H
https://summergate.org/
104.239.140.12 301 http://www.summergate.org/ 2.623 F
https://www.summergate.org/
104.239.140.12 403 2.413 M
Forbidden

Because you have a redirect

https://summergate.org/
104.239.140.12
	301
	http://www.summergate.org/

So if Certbot would create a redirect http -> https, you would have a loop.

Remove this redirect https -> http.

Hmm… weird, I haven’t seen that anywhere, do you happen to know in which file should it be?
Is it .htaccess or one of the conf files?

Both files (.htaccess and config files) can have redirect rules. Check your https config files and your .htaccess

I just went through all the files, I’ve found another conf file that had the http and changed it to https… I even tried to remove the rules, both times I restarted the apache and ran the attempt to reinstall the certificate, I get the same exact error.
I don’t have any other .htaccess there and all the .conf files show only https redirection.

Not sure what’s next…

Now you have removed the wrong redirect:

Your non www redirects to https, your www not. But both have the expected result 404.

Now find your DocumentRoot.

Check your vHost, there should be a definition. Then you can use something like

certbot run -a webroot -i apache -w yourDocumentRoot -d summergate.org -d www.summergate.org

Upps - you have already a new certificate.

CN=summergate.org
	24.01.2019
	24.04.2019
	summergate.org - 1 entry

The only error: The certificate has only one name, not two. So create one certificate with two domain names.

Maybe yours eyes are playing tricks on you. :upside_down_face:
The redirection that seems to have been removed should never have been there:
It took HTTPS and redirected to HTTP !!!
image

There are some sites with such redirects.

One of my first own tested samples - the Berliner "Tagesspiegel" (Newspaper).

Now rechecked (now with ipv4 and ipv6 - check) ( https://check-your-website.server-daten.de/?q=tagesspiegel.de ):

Voilà - Grade F.

The end is https, but with a redirect non-www + https to www + http.

Other newspaper don't use https. Or the non-www doesn't answer etc.

--

PS: It's amazing to see a lot of buggy configurations. Big companies with a lot of errors.

1 Like

Yeah, anyone forcing htttps to http should get an F.

1 Like

Hi guys, please don’t argue :slight_smile: we’re all friends here…
JuergenAuer - I’ve tried to run the command you suggested and I got the exact same error.
Not sure what’s happening, I removed all redirections from .htaccess files and left only the .conf files which point to https alone.

The other domain on the server works, please help!

1 Like

This is not arguing, and yes we are all friends here :slight_smile:

This is what I see from your sites now:

http://summergate.org/      (301 Moved Permanently) https://summergate.org/ [GOOD]
http://www.summergate.org/  (200 OK) returns file: index.html [NO REDIRECTION]
https://summergate.org/     (403 Forbidden)
https://www.summergate.org/ (403 Forbidden)

Now your site looks better:

Domainname Http-Status redirect Sec. G
http://summergate.org/
104.239.140.12 301 https://summergate.org/ 0.250 A
http://www.summergate.org/
104.239.140.12 200 0.670 H
https://summergate.org/
104.239.140.12 403 2.390 M
Forbidden
https://www.summergate.org/
104.239.140.12 403 2.390 M
Forbidden

There is no redirect http + www -> https + www.

But your two https connections are secure.

CN=summergate.org
	25.01.2019
	25.04.2019
	summergate.org, www.summergate.org - 2 entries

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.