How to set up let's encrypt https after moving site to new server

Can I do this:

scp letsencrypt admin@serverIP:/var/folder-destination/

You can do whatever you want, but you should probably read manpages to see what commands do.

Strangers on the internet tend to be… unreliable. :smiley:

1 Like

I would suggest using rsync instead of scp.

I have done successful migrations. The idea is to build everything on the new server & make sure it all works. You can edit your local hosts file to point your browser to the new server’s IP to confirm the new site functionality works before editing your DNS A record. Technically, you don’t HAVE to use 2 A records. You can change your existing A record once you confirm the new server works. Once propagation completes, you can remove the old server.

@9peppe @ZetaRevan @stevenzhu So, I copied the letsencrypt folder to new server, and I copied the sites-available and sites-enabled folders from apache2 to the new server, since the path and configuration are the same.
Restarted the server, run the apachectl -t it returned, OK, but I’m still not able to load the site, I get the domain refused connection message. On Windows 10 edited the hosts file to map the new IP to the domain.

I’m missing something? I didn’t change the DNS settings, since I want to test the site before switching. I haven’t run any letsescript commands either. Suggestions?

It can be anything.

Is apache running? On ports 80 and 443?

I can access the site via IP but not name. Not sure if it’s the old site or new…
Rip

Your dns currently points to 138.197.27.250, I assume that’s the old site?

So, are you connecting to this ip or a different one?

That’s the old site, I haven’t change anything on the DNS control panel.
I’m still trying to get the new server to run which is 192.241.179.177

After moving the files, i edited the hosts files in Windows 10 to see if the new site loads @9peppe, but nothing happens.

If I open this via unencrypted http, it tries to redirect me to the domain (ie: the old site):

% curl -I 192.241.179.177
HTTP/1.1 301 Moved Permanently
Date: Mon, 02 Mar 2020 18:02:34 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://pureinfotech.com/
Content-Type: text/html; charset=iso-8859-1

If I go for https, it’s like there’s nothing there:

% curl -I https://192.241.179.177
curl: (7) Failed to connect to 192.241.179.177 port 443: Connessione rifiutata

Do you have a VirtualHost listening on port 443?

I have virtual host with VirtualHost *:443 configured just like in the old server.
After moving the config files, do I need to enable anything on the new server? How do I know that let’s encrypt is working?

Check with ss -tulpn that apache is actually listening on port 443, please.

Or read here and check if apache is actually configured to do so: https://httpd.apache.org/docs/2.4/bind.html

It may appear that it’s not.

Please share the output from:
grep -ERi 'Listen ' /etc/apache2/

Rip

/etc/apache2/apache2.conf:# Include list of ports to listen on /etc/apache2/ports.conf:Listen 80 /etc/apache2/ports.conf: Listen 443 /etc/apache2/ports.conf: Listen 443

I need to help moving certification to a new server.

So I have created a VPS that comes with everything to get a WordPress site up and running. the server is running ubuntu 18.04, wordpress, and let’s script.

After creating the new server, I copied the web files (wordpress, etc) to the new server. Then I empty the existing database, and imported the database from the old server, which is running on https.

Then I moved the letsencrypt folder to the new server and the sites-enabled and sites-available folders from the apache2 folder in the older to the new server.

Initially, I skipped the automated Let’s Encrypt setup because it’s already running in the live site.

However, after moving all the old files, I’m still not able to load the site in the new server. I don’t know why. I have to make sure that everything is working before I change the DNS settings.

The way I’ve been trying to test the site is updating the hosts file in Windows 10 and pointing it to the new IP address, but I’m getting refused connection.

Some of those are symbolic links - you need to be sure that copied over correctly.

You should be able to find an Apache error log in /var/log/apache2 on the new server, which may contain information about why Apache wasn’t able to start (if that’s part of the problem).

This consideration is important both for /etc/apache2/sites-available and for /etc/letsencrypt. :slight_smile:

No errors, just this: AH00163: Apache/2.4.29 (Ubuntu) configured – resuming normal operations

I did done the syslink again and restarted apache.