Failed to redirect for (my domain)

indigobunting · January 4, 2023, 4:42am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: indigobunting.art

I ran this command: certbot --apache -d indigobunting.art

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for indigobunting.art

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/indigobunting.art/fullchain.pem
Key is saved at: /etc/letsencrypt/live/indigobunting.art/privkey.pem
This certificate expires on 2023-04-04.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate

We were unable to find a vhost with a ServerName or Address of indigobunting.art.
Which virtual host would you like to choose?

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Successfully deployed certificate for indigobunting.art to /etc/apache2/sites-enabled/wordpress-le-ssl.conf
Failed redirect for indigobunting.art
Unable to set the redirect enhancement for indigobunting.art.

NEXT STEPS:

The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
certbot install --cert-name indigobunting.art

Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Ubuntu 22.04.1

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

_az · January 4, 2023, 5:00am

What's the output of:

sudo apachectl -t -D DUMP_VHOSTS

indigobunting · January 4, 2023, 5:01am

VirtualHost configuration:
*:443 45-56-77-23.ip.linodeusercontent.com (/etc/apache2/sites-enabled/wordpress-le-ssl.conf:2)
*:80 45-56-77-23.ip.linodeusercontent.com (/etc/apache2/sites-enabled/wordpress.conf:6)

_az · January 4, 2023, 5:07am

I'm not sure why Certbot is complaining. I'm not super familiar with this part of the Apache plugin.

What you might try is to:

Open /etc/apache2/sites-enabled/wordpress-le-ssl.conf and /etc/apache2/sites-enabled/wordpress.conf.
In both of those files, within the <VirtualHost> tags, replace, or add if it is missing, the following:
```
ServerName indigobunting.art
```
and save the files.
Try certbot install --cert-name indigobunting.art --apache again.

indigobunting · January 4, 2023, 5:18am

You're amazing! couldn't remember where the ServerName stuff was(new to all this). That worked:
Deploying certificate
Successfully deployed certificate for indigobunting.art to /etc/apache2/sites-enabled/wordpress-le-ssl.conf

_az · January 4, 2023, 5:21am

Ah, it looks like you might need to also run this as well to make it try add the redirection again:

sudo certbot enhance --redirect --cert-name indigobunting.art --apache

indigobunting · January 4, 2023, 5:27am

It looks like that worked but I'm still not redirecting to https. I tried entering it manually and I got a "your connection is not private" screen

_az · January 4, 2023, 5:29am

Could you show me the contents of this file?

/etc/apache2/sites-enabled/wordpress.conf

We will also need to re-issue your certificate to include the www subdomain because it doesn't at the moment. That causes the warning screen. You can do that with:

certbot --apache --cert-name indigobunting.art -d indigobunting.art -d www.indigobunting.art --force-renewal

indigobunting · January 4, 2023, 5:34am

<Directory /var/www/wordpress/>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>
<VirtualHost *:80>
    ServerName indigobunting.art
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/wordpress/
    ErrorLog /var/log/apache2/wordpress/error.log
    CustomLog /var/log/apache2/wordpress/access.log combined
    <files xmlrpc.php>
    order allow,deny
    deny from all
    </files>
RewriteEngine on
RewriteCond %{SERVER_NAME} =45-56-77-23.ip.linodeusercontent.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

_az · January 4, 2023, 5:35am

Great, get rid of this line and then:

systemctl reload apache2

indigobunting · January 4, 2023, 5:37am

reloaded no errors.

_az · January 4, 2023, 5:40am

Looks like everything is working now.

indigobunting · January 4, 2023, 5:41am

Oh yeah! the redirect is working Thank you so much for your time! Really want to learn this stuff

system · February 3, 2023, 5:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.