LetsEncrypt Cert with EC2 Bitnami

I expanded the certs and restarted apache. Still nothing…

HELP!! This process is killing me…

Hi @baim,

You said you expanded the current cert so the path used to create the symbolic links should be /etc/letsencrypt/live/baim.tv/ instead of /etc/letsencrypt/live/www.baim.tv/.

Double check the right path to your cert.

Cheers,
sahsanu


Hello,

Ok, I have overwritten the certs using the following commands, with no errors:

sudo ln -sf /etc/letsencrypt/live/example.com/fullchain.pem /opt/bitnami/apache2/conf/server.crt

sudo ln -sf /etc/letsencrypt/live/example.com/privkey.pem /opt/bitnami/apache2/conf/server.key

What’s next?

Could there be any problem with the force https code? Here is what I added.

<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://www.baim.tv/$1 [R,L]

I even changed it to remove www and it still does not work:

<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://baim.tv/$1 [R,L]
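
`ln -sf` exits cleanly even when the target path does not exist, so commands that ran "with no errors" do not prove the links resolve to a real certificate and key. The check below is an added example, not part of the thread or of certbot/Bitnami; `resolve_link` and `check_cert_links` are hypothetical helper names, and the default directory is the one quoted in the posts.

```bash
#!/usr/bin/env bash
# Added example: verify the server.crt / server.key symlinks discussed above.
# Helper names are hypothetical; the default conf dir is taken from the posts.

# Print the stored target of symlink $1.
# Fails if $1 is not a symlink or if its target is missing (dangling link).
resolve_link() {
    local link="$1"
    local target
    [ -L "$link" ] || { echo "NOT A SYMLINK: $link" >&2; return 1; }
    target=$(readlink "$link")
    # -e follows the link, so it is false when the target does not exist.
    [ -e "$link" ] || { echo "DANGLING: $link -> $target" >&2; return 1; }
    printf '%s\n' "$target"
}

# Check both links in conf dir $1.
# Returns 0 if both resolve and point into the same live/<name>/ directory,
# 1 if either link is missing or dangling, 2 if they point to different names
# (for example cert from live/baim.tv and key from live/www.baim.tv).
check_cert_links() {
    local conf="${1:-/opt/bitnami/apache2/conf}"
    local crt key
    crt=$(resolve_link "$conf/server.crt") || return 1
    key=$(resolve_link "$conf/server.key") || return 1
    if [ "$(dirname "$crt")" != "$(dirname "$key")" ]; then
        echo "MISMATCH: cert in $(dirname "$crt"), key in $(dirname "$key")" >&2
        return 2
    fi
    echo "OK: both links point into $(dirname "$crt")"
}

# Run only when a conf directory is given on the command line.
if [ "$#" -gt 0 ]; then
    check_cert_links "$1"
fi
```

Run it as root with the Apache conf directory as its argument, since the files under /etc/letsencrypt/live/ are normally readable only by root.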

Hi @baim,

You have a misconfigured rewrite rule in your VirtualHost (the one used for port 443) or you have that rewrite rule in some .htaccess file. Whatever the case, it is generating a loop: right now, when you try to access http://baim.tv it redirects to https://baim.tv, which redirects to http://baim.tv, and so on…

Cheers,
sahsanu


Ok, I understand you state I am in a loop, but I am not sure what you are asking me to do to change the setting. Here are the virtual host settings. Is there something wrong in here?

No, not there, I’m asking for the conf where you have configured the certs to be used by your web server:

It should start with something like <VirtualHost _default_:443> or <VirtualHost *:443>


Hello,

I have not changed these settings nor do I know where they are. Here is the Lightsail script I was given to run to install the cert. Other than this, I have not edited any other files.

Step One: SSH into your instance and run.

sudo su
cd ~
mkdir tmp

Step Two: Install Letsencrypt

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Step Three: Run the script

./certbot-auto certonly --webroot -w /home/bitnami/htdocs/ -d example.com

sudo ./certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d baim.tv -d www.baim.tv

Step Four: Delete two files to be replaced by the newly created ones

cd /opt/bitnami/apache2/conf/
rm server.crt
rm server.key

Step Five: Create links for the newly created files (use -sf to overwrite)

sudo ln -s /etc/letsencrypt/live/example.com/fullchain.pem /opt/bitnami/apache2/conf/server.crt

sudo ln -s /etc/letsencrypt/live/example.com/privkey.pem /opt/bitnami/apache2/conf/server.key

Now very important restart Apache

sudo /opt/bitnami/ctlscript.sh restart apache

Important! To renew, simply run this in your tmp folder.

cd ~ temp
./certbot-auto renew

Extra if you would like to force https

sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Add the text below here:

<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://www.baim.tv/$1 [R,L]

Now very important restart Apache

sudo /opt/bitnami/ctlscript.sh restart apache

Remove banner

sudo /opt/bitnami/apps/wordpress/bnconfig --disable_banner 1

Sorry, but I don’t understand the whole picture here. You did only the steps you have posted above, which use the default VirtualHost on port 80 with the DocumentRoot /opt/bitnami/apache2/htdocs, but when issuing the certificates you specified the webroot path as /opt/bitnami/apps/wordpress/htdocs/, so… where is the conf for your domains baim.tv and www.baim.tv?

grep -ri '/opt/bitnami/apache2/htdocs' /opt/bitnami/apache2/conf/*


Ok, awesome! Here are the results of the scripts:

You mistyped the command I posted, you wrote cong instead of conf.

Show the output of these commands:

grep -ri '/opt/bitnami/apache2/htdocs' /opt/bitnami/apache2/conf/*
grep -ri '/opt/bitnami/apps/wordpress/htdocs/' /opt/bitnami/apache2/conf/*
grep -ri 'virtualhost' /opt/bitnami/apache2/conf/*
grep -ri 'servername' /opt/bitnami/apache2/conf/*

It was conf…here it is again.

No, put the entire command:

grep -ri '/opt/bitnami/apache2/htdocs' /opt/bitnami/apache2/conf/*

Also, show the output of these commands:

grep -ri '/opt/bitnami/apps/wordpress/htdocs/' /opt/bitnami/apache2/conf/*
grep -ri 'virtualhost' /opt/bitnami/apache2/conf/*
grep -ri 'servername' /opt/bitnami/apache2/conf/*

virtualhost

servername

oh, sorry…htdocs