Https not working http works good

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

http works good
i just installed my let’s Encrypt and it gives my
on browser firfox This site can’t be reached

pmcegyptgroup.com refused to connect.
Try:

• Checking the connection
• Checking the proxy and the firewall

ERR_CONNECTION_REFUSED

i check it by https://www.sslshopper.com/ssl-checker.html#hostname=https://pmcegyptgroup.com
the result was

No SSL certificates were found on pmcegyptgroup.com. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server’s firewall.

i check my server firewall
root@vmi260129:~# ufw status
Status: inactive
root@vmi260129:~# ufw allow 443
Skipping adding existing rule
Skipping adding existing rule (v6)
root@vmi260129:~#

My domain is: https://pmcegyptgroup.com

I ran this command: apt install certbot ; certbot certonly --manual -d *.pmcegyptgroup.com.com -d pmcegyptgroup.com --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

It produced this output:

Screenshot from 2019-05-30 15-25-28.png1366×768 80.6 KB

also i update configuration. file root@vmi260129:/etc/apache2/sites-available# nano default-ssl.conf

ServerAdmin webmaster@localhost
ServerName pmcegyptgroup.com
ServerAlias www.pmcegyptgroup.com
DocumentRoot /var/www/htmlDocumentRoot /var/www/www.pmcegyptgroup.com/html

<Directory /var/www/html>

Options -Indexes +FollowSymLinks

AllowOverride All

Order allow,deny

allow from all

ErrorLog ${APACHE_LOG_DIR}/mcegyptgroup.com-error.log

CustomLog ${APACHE_LOG_DIR}/mcegyptgroup.com-access.log combined

SSLCertificateFile /etc/letsencrypt/live/mcegyptgroup.com/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/pmcegyptgroup.com/privkey.pem

Include /etc/letsencrypt/options-ssl-apache.conf

My web server is (include version): apache Apache/2.4.34

The operating system my web server runs on is (include version): ubuntu 18.04 ,
My hosting provider, if applicable, is: contabo

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): webmin 1.910

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.27.0-1

Hi @Ihabali

if you use certbot certonly, the certificate isn't installed.

So you have to install your certificate. Without an installed certificate https can't work.

PS: You have created two certificates ( https://check-your-website.server-daten.de/?q=pmcegyptgroup.com ):

One is older. So that part works.

How did you install the older certificate? Perhaps a restart of your webserver is required.

PPS: That answer

looks like a firewall that blocks.

Or has Webmin something like a firewall?

Dear Juergen Auer
thanks for your response i checked the firewall as mentioned above
i check my server firewall
root@vmi260129:~# ufw status
Status: inactive
root@vmi260129:~# ufw allow 443
Skipping adding existing rule
Skipping adding existing rule (v6)
root@vmi260129:~#
i just opened 443 please check the configure file default-ssl.conf

on text above and let me know what you see thanks in advance

That's a file of your server, I can't check that.

https://pmcegyptgroup.com/

has the same result - no answer. Does that url work internal? What says

curl  https://pmcegyptgroup.com/

if you use this command from your root shell?

If you want to check that online, use https://check-your-website.server-daten.de/?q=pmcegyptgroup.com to recheck your domain.

Deer Juergen Auer
i used crul and get that
root@vmi260129:~# curl https://pmcegyptgroup.com
curl: (7) Failed to connect to pmcegyptgroup.com port 443: Connection refused

yes i use this command from your root shell

Then your configuration doesn't work internal.

You use certonly. But you have a webmin. Perhaps you have to install the certificate via webmin.

How did you install your older certificate? Do that again.

the two certificates are installed through remote root command line and by Certbot

you asked about webmin , it make a problem with let’s encrypt (certbot) ?

I don't know the details of your configuration. Normally, it isn't a good idea to mix webmin and certbot.

There is an older certificate - 2019-03-22. But I don't know if you have had an earlier working configuration.

“older certificate - 2019-03-22” the site was hosted in another host provider,
but now i have VPS un-managed based on with LAMP & webmin and i just installed let’s Encrypt using certbot

Looks that this is wrong. You have to install the certificate via webmin:

https://www.virtualmin.com/documentation/tutorial/how-to-add-an-ssl-certificate

thanks a lot it means that i have to reinstall via wibmin,
i have a question
is the certificates that i was install on my server must be removed or what?
or i just install via webmin directly is enough

No. Don't remove certificates manual.

The certificate is (simple) replaced by the new certificate.

thanks for your attention i will install webmint and then install let’s Encrypt and i will inform you
thanks for help

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.