Issues with SSL

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: morainegrove.com

When I run whynopadlock, everything is ok - however when I go to the actual site morainegrove.com it is showing not secure. Tried multiple broswers, incognito, different computers all with the same results. I used certbot on public.morainegrove.com and it worked fine. Checked the apache config files and they look pretty identical except for the domain name

My web server is (include version): Apache 2.4.58

The operating system my web server runs on is (include version):Ubuntu 24.04.2 LTS

My hosting provider, if applicable, is: VPS

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.9.0

When looking below the first one is not working (morainegrove.com) but the second one is (public.morainegrove.com). I tried removing the certificate and reinstalling from scratch - no luck either.

Here is my conf file for morainegrove.com

<VirtualHost *:443>
    DocumentRoot /home/websites/morainegrove.com/public
    ServerName morainegrove.com
    ServerAlias www.morainegrove.com
    <Directory /home/websites/morainegrove.com/public>
        Require all granted
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
    </Directory>
    RewriteEngine on

    SSLCertificateFile /etc/letsencrypt/live/morainegrove.com-0001/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/morainegrove.com-0001/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

## REDIRECT ##
RewriteEngine on
RewriteCond %{SERVER_NAME} =morainegrove.com [OR]
RewriteCond %{SERVER_NAME} =www.morainegrove.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

=====================================================
here is my conf file for public.morainegrove.com

<VirtualHost *:443>
    DocumentRoot /home/websites/public.morainegrove.com
    ServerName public.morainegrove.com
    ServerAlias www.public.morainegrove.com
    <Directory /home/websites/public.morainegrove.com>
        Require all granted
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
    </Directory>
    SSLCertificateFile /etc/letsencrypt/live/public.morainegrove.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/public.morainegrove.com/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
## REDIRECT ##
RewriteEngine on
RewriteCond %{SERVER_NAME} =public.morainegrove.com [OR]
RewriteCond %{SERVER_NAME} =www.public.morainegrove.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
2

your base domain 301 redirects to www. subdomain, but certificate doesn't cover that subdomain.

certbot  --expand -d morainegrove.com,www.morainegrove.com

maybe this work?

4 Likes
3

PERFECT - thank you so much!!!!

4 Likes