Failed redirect

Perfect!
Now do you want certbot to create the HTTPS vhost for you?
[or do you want to do that yourself?]

I think I want certbot to do that. :slight_smile:

Do:

certbot -i apache \
--webroot -w /var/www/matthewalbertcole.com \
-d matthewalbertcole.com \
-d www.matthewalbertcole.com

Back to the same error unfortunately

Deploying certificate
Successfully deployed certificate for matthewalbertcole.com to /etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf
Successfully deployed certificate for www.matthewalbertcole.com to /etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf
Failed redirect for matthewalbertcole.com
Unable to set the redirect enhancement for matthewalbertcole.com.

NEXT STEPS:
- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
  certbot install --cert-name matthewalbertcole.com

Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Not exactly.

Restart Apache and enjoy life!

Did it ask you if you wanted redirection?
If so, we had already done that.

EDIT: I do see how it seems full-circle.
But not all was wasted...
We did add the extra name into the cert.
We did add a cool redirection that takes into account any future HTTP challenge requests.

That still seems really weird.

ok the website works now! thank you

ya, no idea what that means

Now I'm confused...
There was already an HTTPS vhost configured for BOTH names:

Please show the current output of:
sudo apachectl -t -D DUMP_VHOSTS

root@nodejs-s-1vcpu-1gb-nyc3-01:~/matthewalbertcole.com# sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
         port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         default server matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
         port 80 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
                 alias www.matthewalbertcole.com
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

Ok that doesn't seem to have changed.
Please show that file.
And the output of:
certbot certificates

root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# cat matthewalbertcole.com-le-ssl.conf
<IfModule mod_ssl.c>
        <VirtualHost *:443>
                ServerAdmin root@matthewalbertcole.com
                DocumentRoot /var/www/matthewalbertcole.com
		ServerName www.matthewalbertcole.com
		Redirect permanent / https://matthewalbertcole.com
		Include /etc/letsencrypt/options-ssl-apache.conf
		SSLCertificateFile /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
</VirtualHost>

<VirtualHost *:443>

		ServerAdmin root@matthewalbertcole.com
		DocumentRoot /var/www/matthewalbertcole.com
		ServerName matthewalbertcole.com

		<Proxy *>
		 Order deny,allow
		 Allow from all
		</Proxy>
	
		SSLEngine on
		SSLProxyEngine on

                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined

                Include /etc/letsencrypt/options-ssl-apache.conf

		ProxyRequests Off
		ProxyPreserveHost On
		SSLProxyVerify none
		SSLProxyCheckPeerCN off
		SSLProxyCheckPeerName off
		SSLProxyCheckPeerExpire off
		ProxyRequests Off
		ProxyPass / http://localhost:8080/
		ProxyPassReverse / http://localhost:8080/

		Timeout 600
		ProxyTimeout 600
		SetEnv proxy-nokeepalive 1
		SetEnv proxy-initial-not-pooled 1


		SSLCertificateFile /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
		SSLCertificateKeyFile /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
        </VirtualHost>
</IfModule>
root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: matthewalbertcole.com-0001
    Serial Number: 3764ecefe16ad1dc47dc81a53da3306a2f2
    Key Type: RSA
    Domains: matthewalbertcole.com
    Expiry Date: 2022-01-13 02:05:29+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/matthewalbertcole.com-0001/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/matthewalbertcole.com-0001/privkey.pem
  Certificate Name: matthewalbertcole.com
    Serial Number: 391e35cbfcb66ef4a52886c6e9e3879c49d
    Key Type: RSA
    Domains: matthewalbertcole.com www.matthewalbertcole.com
    Expiry Date: 2022-01-13 05:08:17+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
  Certificate Name: pdxwater.org-0001
    Serial Number: 496a9dcb4ebc15ecb2b3e4f556005736f54
    Key Type: RSA
    Domains: pdxwater.org
    Expiry Date: 2021-11-29 08:58:53+00:00 (VALID: 45 days)
    Certificate Path: /etc/letsencrypt/live/pdxwater.org-0001/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/pdxwater.org-0001/privkey.pem
  Certificate Name: pdxwater.org
    Serial Number: 377ed01cda572be801c2562016df54587bc
    Key Type: RSA
    Domains: pdxwater.org www.pdxwater.org
    Expiry Date: 2021-11-29 19:47:10+00:00 (VALID: 45 days)
    Certificate Path: /etc/letsencrypt/live/pdxwater.org/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/pdxwater.org/privkey.pem
  Certificate Name: www.matthewalbertcole.com
    Serial Number: 486ca6f83b043b88476794e8f984f772946
    Key Type: RSA
    Domains: www.matthewalbertcole.com
    Expiry Date: 2022-01-13 02:00:50+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/www.matthewalbertcole.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/www.matthewalbertcole.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I don't see much of anything wrong there...
You can remove the unused cert:
cerbot delete --cert-name matthewalbertcole.com-0001

All should be well now :slight_smile:

Thank You for your help. Happy to see it working again!

Glad to have helped :slight_smile:
Cheers from Miami :beers:

#FreeCUBA :cuba: