Installed cert-bot in automated mode on apache but website isn't opening

Hi all.
I have a website on https://unfalsecoding.net (without www)

OS is Ubuntu 14.04
Server version: Apache/2.4.7 (Ubuntu)
Server built: Nov 28 2018 00:08:50
My webserver is hosted on a virtual server.

Ran

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache 
$ sudo certbot --apache

It found out that I have a website on unfalsecoding.net and gave me a choice to make a redirect or not (1 or 2). I chose 1.
After that it worked for a while and then wrote

- Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/unfalsecoding.net/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/unfalsecoding.net/privkey.pem
   Your cert will expire on 2019-04-24. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"

Everything seems installed properly and port 443 is opened but I cannot open my website anymore as chrome shows an error

This site can’t be reached
**unfalsecoding.net**  refused to connect.

The ssllabs at
https://www.ssllabs.com/ssltest/analyze.html?d=www.unfalsecoding.net
also shows

Assessment failed: No secure protocols supported

Also I didn’t do anything else besides the steps above.
Should I share my apache configs ?

Hi @unfalse

you have created a certificate:

But your website ( https://check-your-website.server-daten.de/?q=unfalsecoding.net )

blocks everything.

Active blocking or closing the transport stream. Is there a firewall or something else? Are you able to connect the website from the server (using curl with 127.0.0.1 and port 80)?

Is your webserver running?

Thank you for your answer!

sudo service apache2 restart
 * Restarting web server apache2
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
Action 'start' failed.
The Apache error log may have more information.
   ...fail!
 * The apache2 instance did not start within 20 seconds. Please read the log files to discover problems

I am trying now to solve it by myself but I highly appreciate any help.

Looks like you have already an instance running. Can you reboot your server?

Thanks a lot!
I have just found a docker-proxy on :443
So I launched sudo docker stop and sudo service apache2 restart and my website is running now on http now but still not on https. Maybe I need to comment out the config for http and port 80.

Oh, I know. It's always a good idea what the own server is doing

Same with code

Now everything is working!
I forgot that I have a couple of other virtual hosts and it seems that the automated cert-bot found the first virtual host and installed the certificates on it. So I removed them and only one has left. Ran sudo certbot --apache and restarted the Apache.
It has now a gray lock icon in Chrome but I think it’s another issue that I will solve later.
Thanks for help!

There are two problems:

First, you have the www version defined in your dns settings. But the certificate has only the non-www domain name. So perhaps create a new certificate with both domain names.

This

http://unfalsecoding.net/fonts/blox2.ttf

is mixed content on your http status 404 page.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.