Failed redirect for our domain


#1

Hello,

I’ve used your service on a few servers and they all work great… on the same server with this problem I’ve successfully installed one certificate for another website.

For this specific domain I’m getting the following:

Failed redirect for summergate.org
Unable to set enhancement redirect for summergate.org
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

IMPORTANT NOTES:

  • We were unable to set up enhancement redirect for your server,
    however, we successfully installed your certificate.
  • Congratulations! Your certificate and chain have been saved at:

Means that it did install the certificate yet it won’t do the redirect… I’ve tried everything to make it work but eventually I get to the point where it literally tells me that there’s no certificate for this domain.

Please help!
Thanks.


#2

Hi @fileyapp

I don’t know why Certbot produces this error.

But checking your domain it’s good, Certbot doesn’t create a redirect (via https://check-your-website.server-daten.de/?q=summergate.org ):

Domainname Http-Status redirect Sec. G
http://summergate.org/
104.239.140.12 301 https://summergate.org/ 0.250 A
http://www.summergate.org/
104.239.140.12 200 0.690 H
https://summergate.org/
104.239.140.12 301 http://www.summergate.org/ 2.623 F
https://www.summergate.org/
104.239.140.12 403 2.413 M
Forbidden

Because you have a redirect

https://summergate.org/
104.239.140.12
	301
	http://www.summergate.org/

So if Certbot would create a redirect http -> https, you would have a loop.

Remove this redirect https -> http.


#3

Hmm… weird, I haven’t seen that anywhere, do you happen to know in which file should it be?
Is it .htaccess or one of the conf files?


#4

Both files (.htaccess and config files) can have redirect rules. Check your https config files and your .htaccess


#5

I just went through all the files, I’ve found another conf file that had the http and changed it to https… I even tried to remove the rules, both times I restarted the apache and ran the attempt to reinstall the certificate, I get the same exact error.
I don’t have any other .htaccess there and all the .conf files show only https redirection.

Not sure what’s next…


#6

Now you have removed the wrong redirect:

Your non www redirects to https, your www not. But both have the expected result 404.

Now find your DocumentRoot.

Check your vHost, there should be a definition. Then you can use something like

certbot run -a webroot -i apache -w yourDocumentRoot -d summergate.org -d www.summergate.org

Upps - you have already a new certificate.

CN=summergate.org
	24.01.2019
	24.04.2019
	summergate.org - 1 entry

The only error: The certificate has only one name, not two. So create one certificate with two domain names.


#7

Maybe yours eyes are playing tricks on you. :upside_down_face:
The redirection that seems to have been removed should never have been there:
It took HTTPS and redirected to HTTP !!!
image


#8

There are some sites with such redirects.

One of my first own tested samples - the Berliner “Tagesspiegel” (Newspaper).

Now rechecked (now with ipv4 and ipv6 - check) ( https://check-your-website.server-daten.de/?q=tagesspiegel.de ):

Voilà - Grade F.

The end is https, but with a redirect non-www + https to www + http.

Other newspaper don’t use https. Or the non-www doesn’t answer etc.

PS: It’s amazing to see a lot of buggy configurations. Big companies with a lot of errors.


#9

Yeah, anyone forcing htttps to http should get an F.


#10

Hi guys, please don’t argue :slight_smile: we’re all friends here…
JuergenAuer - I’ve tried to run the command you suggested and I got the exact same error.
Not sure what’s happening, I removed all redirections from .htaccess files and left only the .conf files which point to https alone.

The other domain on the server works, please help!


#11

This is not arguing, and yes we are all friends here :slight_smile:

This is what I see from your sites now:

http://summergate.org/      (301 Moved Permanently) https://summergate.org/ [GOOD]
http://www.summergate.org/  (200 OK) returns file: index.html [NO REDIRECTION]
https://summergate.org/     (403 Forbidden)
https://www.summergate.org/ (403 Forbidden)

#12

Now your site looks better:

Domainname Http-Status redirect Sec. G
http://summergate.org/
104.239.140.12 301 https://summergate.org/ 0.250 A
http://www.summergate.org/
104.239.140.12 200 0.670 H
https://summergate.org/
104.239.140.12 403 2.390 M
Forbidden
https://www.summergate.org/
104.239.140.12 403 2.390 M
Forbidden

There is no redirect http + www -> https + www.

But your two https connections are secure.

CN=summergate.org
	25.01.2019
	25.04.2019
	summergate.org, www.summergate.org - 2 entries

closed #13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.