Installed Certbot on Unbuntu server and now my site is non-responsive

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:damianjyates.com

I ran this command:sudo certbot --apache

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?

1: damianjyates.com
2: www.damianjyates.com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Obtaining a new certificate
Created an SSL vhost at /etc/apache2/sites-available/damianjyates.com-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/damianjyates.com-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/damianjyates.com-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you’re confident your site works on HTTPS. You can undo this
change by editing your web server’s configuration.

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Redirecting vhost in /etc/apache2/sites-enabled/damianjyates.com.conf to ssl vhost in /etc/apache2/sites-available/damianjyates.com-le-ssl.conf

Congratulations! You have successfully enabled https://damianjyates.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=damianjyates.com

IMPORTANT NOTES:

• Congratulations! Your certificate and chain have been saved at:
  /etc/letsencrypt/live/damianjyates.com-0001/fullchain.pem
  Your key file has been saved at:
  /etc/letsencrypt/live/damianjyates.com-0001/privkey.pem
  Your cert will expire on 2020-05-28. To obtain a new or tweaked
  version of this certificate in the future, simply run certbot again
  with the “certonly” option. To non-interactively renew all of
  your certificates, run “certbot renew”

• If you like Certbot, please consider supporting our work by:

  Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
  Donating to EFF: https://eff.org/donate-le

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04.3 LTS

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

The most likely reason that it’s timing out is that a firewall is blocking port 443.

Have you checked ufw or iptables or whatever you’re using locally, and DigitalOcean’s Cloud Firewall?

not using DO cloud firewall.
ufw:To Action From

22 ALLOW Anywhere
Apache Full ALLOW Anywhere
21/tcp ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
Apache Full (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)

added 80 443 just for fun but no change

I stand corrected. I guess i did enable the DO firewall
Thanks for the assist

Why did you only specify host number one? Now your certificate is missing the www subdomain.

didn’t even realize that. I’m kinda green to the Linux world. Still learning the ins and outs. Ill update it.

Welcome to the club

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.