Https redirect loop after LE cert on DigitalOcean droplet

#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mkt.talesofmurder.com

I ran this command: I followed the tutorial listed (and linked ones in prerequisites) for setting up Apache, installing LetsEncrypt, etc. -> https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

It produced this output:
I was able to produce a valid ssl certificate and the ssl checker site gave me an A+ … however, when I go to the url https://mkt.talesofmurder.com, I get a redirect loop error. Tested on multiple browsers, normal & incognito, 2 different computers (one Manjaro Linux, the other W10).

My web server is (include version): Digital Ocean droplet with Apache2; don’t know version

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Netlify

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Using the DO web interface

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

——

I’m setting up a subdomain only. My main site has ssl through the host, Netlify. This subdomain is set up to host my Mautic installation and needs to be under https. The main ssl certificate from Netlify doesn’t cover this subdomain since I have to host it on a different server (I don’t think Netlify runs this kind of server).

I’ve read through as many other forum posts, etc. here and on the DO community trying to find a solution. However, despite analyzing my conf files and comparing them to the ones shown, I cannot sort the issue.

Any help greatly appreciated.

#2

Hi @flaturtha

you have a direct loop https -> https ( https://check-your-website.server-daten.de/?q=mkt.talesofmurder.com ):

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| http://mkt.talesofmurder.com/ 134.209.51.234 | 200 | | 0.336 | H |
| https://mkt.talesofmurder.com/ 134.209.51.234 | 302 | https://mkt.talesofmurder.com/ | 1.980 | L |
| http://mkt.talesofmurder.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 134.209.51.234 | 404 | | 0.340 | A |

Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.4.29 (Ubuntu) Server at mkt.talesofmurder.com Port 80

Grade L = Loop.

And your certificate is correct:

CN=mkt.talesofmurder.com, 02.04.2019, 01.07.2019, expires in 89 days, mkt.talesofmurder.com - 1 entry

So check your https vHost to find that redirect.

Or you have a wrong .htaccess.

#3

Thank you, @JuergenAuer. I read your comments in a previous post and finally concluded that I had the https -> https loop but didn’t know how to track it down. I looked for a .htaccess file but didn’t find one. Isn’t it usually in the root folder?

I’ll look deeper for the redirect.

Appreciate the insight. I will report back.

#4

Maybe in the root folder. But check your vHost definitions

RewriteEngine on
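
An added example, not part of the original posts: a small Python check for the https -> https redirect discussed in this thread. It scans Apache vHost or .htaccess text for redirect directives that target https:// and still apply to requests already on port 443; the host name, sample configuration and function name are constructed for illustration.

```python
import re

OPEN = re.compile(r"^\s*<VirtualHost\s+([^>]*)>", re.I)
CLOSE = re.compile(r"^\s*</VirtualHost>", re.I)
COND = re.compile(r"^\s*RewriteCond\s", re.I)
REDIR = re.compile(r"^\s*(Redirect(?:Match|Permanent|Temp)?|RewriteRule)\s+.*https://", re.I)

# Constructed sample config (hypothetical host name), not the poster's files.
SAMPLE_VHOSTS = """\
<VirtualHost *:80>
    ServerName mkt.example.test
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =mkt.example.test
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName mkt.example.test
    SSLEngine on
    Redirect / https://mkt.example.test/
</VirtualHost>
"""

def find_https_self_redirects(text, htaccess=False):
    """Return (line_no, directive) for redirects to https:// that also hit
    requests already on HTTPS. Pass htaccess=True for .htaccess content,
    assuming the port 80 and port 443 sites share one DocumentRoot."""
    findings, in_tls, conds = [], htaccess, []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue
        m, r = OPEN.match(line), REDIR.match(line)
        if m:
            in_tls, conds = ":443" in m.group(1), []
        elif CLOSE.match(line):
            in_tls, conds = htaccess, []
        elif COND.match(line):
            conds.append(line.upper())
        elif r:
            # Heuristic: a RewriteRule guarded by a RewriteCond on %{HTTPS} is
            # assumed to fire for plain HTTP only; Redirect ignores RewriteCond.
            is_rule = r.group(1).lower() == "rewriterule"
            guarded = is_rule and any("%{HTTPS}" in c for c in conds)
            if in_tls and not guarded:
                findings.append((no, line.strip()))
        if line.lstrip().lower().startswith("rewriterule"):
            conds = []  # conditions apply only to the next RewriteRule
    return findings
```

Running it over the files in the Apache sites-enabled directory and any .htaccess under the DocumentRoot lists the lines to inspect first; the `%{HTTPS}` check is a heuristic and does not evaluate the condition itself.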