Failed redirect

matthewcole805 · October 14, 2021, 1:18pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: matthewalbertcole.com

I ran this command: certbot -d matthewalbertcole.com

It produced this output:

Deploying certificate
Successfully deployed certificate for matthewalbertcole.com to /etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf
Failed redirect for matthewalbertcole.com
Unable to set the redirect enhancement for matthewalbertcole.com.

NEXT STEPS:
- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
  certbot install --cert-name matthewalbertcole.com-0001

Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

My web server is (include version): ubuntu

The operating system my web server runs on is (include version): ubuntu 20.04

My hosting provider, if applicable, is: digitalocean.com

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): pm2 apache2

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.20.0

rg305 · October 14, 2021, 3:32pm

Please review (and fix) your Apache configuration.
Start with the output of:
sudo apachectl -t -D DUMP_VHOSTS

matthewcole805 · October 14, 2021, 10:22pm

Ok, thank you for the reply. Here is the output of sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)

rg305 · October 15, 2021, 12:04am

Is that all of it?

Where are the entries for HTTP?:

*:80           is a NameVirtualHost
        default server .....
        port 80 namevhost .....
        port 80 namevhost .....

matthewcole805 · October 15, 2021, 12:44am

oops, sorry here is the rest:

VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         default server matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.conf:1)
         port 80 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.conf:1)
                 alias www.matthewalbertcole.com
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

rg305 · October 15, 2021, 2:43am

Let's have a look at this file:

matthewcole805 · October 15, 2021, 3:12am

I was messing around and realized I accidentally misnamed it matthewalbertcole.conf instead of matthewalbertcole.com.conf, so I corrected it and re-enabled it. The problem persisted though. Here is the contents:

<VirtualHost *:80>

        ServerAdmin root@matthewalbertcole.com
        DocumentRoot /var/www/matthewalbertcole.com/
        ServerName matthewalbertcole.com
        ServerAlias www.matthewalbertcole.com

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        #Redirect permanent / https://matthewalbertcole.com

        #ProxyRequests On
        #ProxyPass / https://localhost:8080/
        #ProxyPassReverse / localhost:8080/

</VirtualHost>

rg305 · October 15, 2021, 3:19am

Let's test that as the challenge path:

sudo mkdir -p /var/www/matthewalbertcole.com/.well-known/acme-challenge/
echo X > /var/www/matthewalbertcole.com/.well-known/acme-challenge/Test-File-1234

Then we try to access is via:
http://matthewalbertcole.com/.well-known/acme-challenge/Test-File-1234

rg305 · October 15, 2021, 3:22am

You can also replace this logic:
[instead of ever reenabling it]

With this logic:

  RewriteEngine On
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

matthewcole805 · October 15, 2021, 3:55am

Not Found

The requested URL was not found on this server.

Apache/2.4.41 (Ubuntu) Server at matthewalbertcole.com Port 80

rg305 · October 15, 2021, 3:58am

Show:
ls -l /var/www/matthewalbertcole.com/.well-known/acme-challenge/

And again:
sudo apachectl -t -D DUMP_VHOSTS

matthewcole805 · October 15, 2021, 4:04am

ok done as well

matthewcole805 · October 15, 2021, 4:07am

ls -l /var/www/matthewalbertcole.com/.well-known/acme-challenge/

total 4
-rw-r--r-- 1 root root 2 Oct 15 03:53 Test-File

and sudo apachectl -t -D DUMP_VHOSTS

*:443                  is a NameVirtualHost
         default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         default server matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
         port 80 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
                 alias www.matthewalbertcole.com
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

rg305 · October 15, 2021, 4:12am

Maybe you missed my last post/requests:

matthewcole805 · October 15, 2021, 4:21am

my reply is still hidden...

rg305 · October 15, 2021, 4:25am

What do you mean hidden?
I see nothing (even hidden)
Just cancel it and do it again.
Refresh the page if you have to.

matthewcole805 · October 15, 2021, 4:28am

root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# ls -l /var/www/matthewalbertcole.com/.well-known/acme-challenge/
total 4
-rw-r--r-- 1 root root 2 Oct 15 03:53 Test-File
root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         default server matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
         port 80 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
                 alias www.matthewalbertcole.com
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

rg305 · October 15, 2021, 4:29am

OK, please show:
cat /etc/apache2/sites-enabled/matthewalbertcole.com.conf

matthewcole805 · October 15, 2021, 4:29am

I don't know where it went, but I'm up a trust level now so hopefully it doesn't happen again.

matthewcole805 · October 15, 2021, 4:30am

root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# cat /etc/apache2/sites-enabled/matthewalbertcole.com.conf
<VirtualHost *:80>

        ServerAdmin root@matthewalbertcole.com
        DocumentRoot /var/www/matthewalbertcole.com/
        ServerName matthewalbertcole.com
	ServerAlias www.matthewalbertcole.com

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        RewriteEngine On
	RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
  	RewriteCond %{HTTPS} !=on
  	RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]


        #ProxyRequests On
        #ProxyPass / https://localhost:8080/
        #ProxyPassReverse / localhost:8080/

</VirtualHost>