niux
September 18, 2023, 5:08am
1
My domain is: https://www.potatoro.com
I ran this command: sudo certbot --apache -d potatoro.com -d www.potatoro.com
It produced this output: ok
My web server is (include version): Apache/2.4.52
The operating system my web server runs on is (include version): Ubuntu 22.04
My hosting provider, if applicable, is: Me
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0
https://check-your-website.server-daten.de/?q=potatoro.com
1 Like
https do work in base domain, just you are not redirecting to it:
3 Likes
niux
September 18, 2023, 1:38pm
3
That's because I wanted both urls to work without a 301 redirect.
I guess, you should add something like this to your httpd-xampp and httpd-vhosts :
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
Redirect / https://domain.com
</VirtualHost>
niux
September 18, 2023, 1:55pm
5
I have that
<VirtualHost *:443>
ServerName potatoro.com
ServerAlias www.potatoro.com
DocumentRoot /var/www/html
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/potatoro.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/potatoro.com/privkey.pem
</VirtualHost>
<VirtualHost *:80>
ServerName potatoro.com
ServerAlias www.potatoro.com
Redirect / https://www.potatoro.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.potatoro.com [OR]
RewriteCond %{SERVER_NAME} =potatoro.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
But https://potatoro.com doesn't work
MikeMcQ
September 18, 2023, 2:30pm
6
It works for me. Why do you say that? Where are you seeing the problem?
curl -I http://potatoro.com/Test123
HTTP/1.1 301 Moved Permanently
Location: https://potatoro.com/Test123
curl -I http://www.potatoro.com/Test123
HTTP/1.1 301 Moved Permanently
Location: https://www.potatoro.com/Test123
And, you have two kinds of redirects defined. Your redirect / https://... can be removed and is not correct anyway (should have a slash after .com)
niux:
Redirect / https://www.potatoro.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.potatoro.com [OR]
RewriteCond %{SERVER_NAME} =potatoro.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
3 Likes
niux
September 18, 2023, 2:34pm
7
On my Linux machine https://potatoro.com works but as soon as I try from my windows device I get a warning "Potential Security Risk Ahead" on Firefox, and this on Brave:
MikeMcQ
September 18, 2023, 2:39pm
8
The cert and its chains look fine
Do you have any kind of firewall or HTTPS inspection service on your Windows machine?
Is there further details such as what the invalid name is?
4 Likes
niux
September 18, 2023, 2:40pm
9
I have Malwarebytes and NordVPN
MikeMcQ
September 18, 2023, 2:46pm
10
niux:
I have Malwarebytes
Do any other websites work with https in your Firefox or brave browser? Because it looks to me like malwarebytes is intercepting the HTTPS requests to protect you but causing this error
4 Likes
niux
September 18, 2023, 2:47pm
11
Everything else works.
1 Like
MikeMcQ
September 18, 2023, 2:50pm
12
I am out of ideas then. You can see the Let's Encrypt cert has SAN's names using the ssl checker url I showed earlier. Your browser is getting a different certificate from somebody but it's not your server
Do you have openssl on your windows machine by any chance
4 Likes
niux
September 18, 2023, 2:53pm
13
I cleared the SSL state of my windows machine and it's working now.
1 Like
