LetsEncrypt Certificate Not Used - Apache Config Points to Another Certificate

I’m trying to set up a site with ssl using Let’s Encrypt but I am having an issue getting a valid certificate.

virtualhosts.conf:

NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
    ServerName uat.itccompliance.co.uk
    ServerAdmin webmaster@itccompliance.co.uk

    DocumentRoot "/var/www/httpdocs"

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =uat.itccompliance.co.uk
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,NE,R=permanent]
</VirtualHost>

vitualhosts-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName uat.itccompliance.co.uk
    ServerAdmin webmaster@itccompliance.co.uk

    DocumentRoot "/var/www/httpdocs"

    RewriteEngine on
 Some rewrite rules in this file were disabled on your HTTPS site,
 because they have the potential to create redirection loops.

     RewriteCond %{SERVER_NAME} =uat.itccompliance.co.uk
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,NE,R=permanent]
SSLCertificateFile /etc/letsencrypt/live/uat.itccompliance.co.uk/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/uat.itccompliance.co.uk/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/uat.itccompliance.co.uk/chain.pem
</VirtualHost>
</IfModule>

My domain is:
uat.itccompliance.co.uk

I ran this command:
sudo /usr/local/bin/certbot-auto

It produced this output:
Created an SSL vhost at /etc/httpd/conf.d/virtualhosts-le-ssl.conf
Deploying Certificate for uat.itccompliance.co.uk to VirtualHost /etc/httpd/conf.d/virtualhosts-le-ssl.conf
Please choose whether HTTPS access is required or optional.

1: Easy - Allow both HTTP and HTTPS access to these sites
2: Secure - Make all requests redirect to secure HTTPS access

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Enhancement redirect was already set.

Congratulations! You have successfully enabled https://uat.itccompliance.co.uk

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=uat.itccompliance.co.uk

IMPORTANT NOTES:

• Congratulations! Your certificate and chain have been saved at
  /etc/letsencrypt/live/uat.itccompliance.co.uk/fullchain.pem. Your
  cert will expire on 2017-08-07. To obtain a new or tweaked version
  of this certificate in the future, simply run certbot-auto again
  with the “certonly” option. To non-interactively renew all of
  your certificates, run “certbot-auto renew”

• Some rewrite rules copied from /etc/httpd/conf.d/virtualhosts.conf
  were disabled in the vhost for your HTTPS site located at
  /etc/httpd/conf.d/virtualhosts-le-ssl.conf because they have the
  potential to create redirection loops.

• If you like Certbot, please consider supporting our work by:

  Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
  Donating to EFF: https://eff.org/donate-le

My operating system is (include version):
centos 6.6

My web server is (include version):
apache 2.2Preformatted text

Hi @robbiedyer,

It looks like you did get a valid certificate, but it just isn’t being used by Apache for some reason. I think changes to your Apache configuration will make it work, though I don’t immediately have a suggestion to offer.

Ah yes, turned out the ssl.conf had another default virtualhost in it. Problem sorted. Thanks!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.