Links broken after installing certificate

My domain is:
christiankirkeby.com

I ran this command:
sudo certbot --apache

It produced this output:
# sudo certbot --apache (had to write it this way for the hash to show)

sudo: unable to resolve host odin
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): *******@christiankirkeby.com _(sorry, I've obscured this to avoid spam bots, but I'll happily provide if required._

-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: a

-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: y

Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: christiankirkeby.com
2: www.christiankirkeby.com
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for christiankirkeby.com
tls-sni-01 challenge for www.christiankirkeby.com
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/christiankirkeby.com-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate for christiankirkeby.com to VirtualHost /etc/apache2/sites-available/christiankirkeby.com-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/christiankirkeby.com-le-ssl.conf
Deploying Certificate for www.christiankirkeby.com to VirtualHost /etc/apache2/sites-available/christiankirkeby.com-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): **2**
Enabled Apache rewrite module
Redirecting vhost in /etc/apache2/sites-enabled/christiankirkeby.com.conf to ssl vhost in /etc/apache2/sites-available/christiankirkeby.com-le-ssl.conf

-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://christiankirkeby.com and
https://www.christiankirkeby.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=christiankirkeby.com
https://www.ssllabs.com/ssltest/analyze.html?d=www.christiankirkeby.com
-------------------------------------------------------------------------------

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/christiankirkeby.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/christiankirkeby.com/privkey.pem
   Your cert will expire on 2018-02-13. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

My web server is (include version):
Server version: Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 16.04.3 LTS (GNU/Linux 4.9.50-x86_64-linode86 x86_64)

My hosting provider, if applicable, is:
Linode

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes (as you can see above, I ran the command as root)

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

After installing the certificate and answering yes to the HTTPS redirect question, all of my links redirect back to my main page. Under my Portfolio section I have some links to projects that I’ve made (each with their own index.html). All of these are hosted under their respective folders in /portfolio. For example https://christiankirkeby.com/portfolio/weather/index.html should open a purple page like the thumbnail, but while it does go to the URL above, it just opens my main page again under that URL. Additionally, you may need to refresh before this becomes an issue. I do use a service worker in my application through create-react-app, maybe that’s related? Their documentation doesn’t describe scenarios like these.

I’ve been searching a fair bit for other people with this issue but so far I’ve not found anyone with quite the same issue. Here are the contents of my sites-enabled files:

christiankirkeby.com.conf:

<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin webmaster@christiankirkeby.com
  ServerName  christiankirkeby.com
  ServerAlias www.christiankirkeby.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html
  DocumentRoot /var/www/html/christiankirkeby.com/public_html
  # Log file locations
  LogLevel warn
  ErrorLog  /var/www/html/christiankirkeby.com/log/error.log
  CustomLog /var/www/html/christiankirkeby.com/log/access.log combined
  RewriteEngine on
  RewriteCond %{SERVER_NAME} =www.christiankirkeby.com [OR]
  RewriteCond %{SERVER_NAME} =christiankirkeby.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

christiankirkeby.com-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin webmaster@christiankirkeby.com
  ServerName  christiankirkeby.com
  ServerAlias www.christiankirkeby.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html
  DocumentRoot /var/www/html/christiankirkeby.com/public_html
  # Log file locations
  LogLevel warn
  ErrorLog  /var/www/html/christiankirkeby.com/log/error.log
  CustomLog /var/www/html/christiankirkeby.com/log/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/christiankirkeby.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/christiankirkeby.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I had a .htaccess file in my /public_html but I disabled it in an attempt to fix this issue, but it doesn’t appear to have done anything. Here are the contents of it in any case (the README on create-react-app states that this is required for it to run on Apache):

Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.html [QSA,L]

Any help would be much appreciated. I don’t know enough about Apache2 to be able to deduce what’s happening in these files.

It loads and redirects fine for me but you have a mixed content warning which you need to address.

1 Like

Clicking any of your links in Chrome like “Weather API App” or “Twitch API App” keeps opening new tabs. I can visit those pages directly if I copy and paste the links into Safari.

This is the issue I described above. This was not an issue until immediately after I ran the certbot script. When you say you can visit those pages directly if you copy and paste the links into Safari, do you mean that they open their respective pages (they’ll look like the thumbnails)?

Fixing the served over HTTP was going to be next on the agenda, but surely that wouldn’t have broken my links?

Hi Christian, in Safari all those links open in new tabs and renders the correct page as per the thumbnail. In Chrome however it keeps opening new tabs and they all just render the front page. I cannot see anything in your vhost config’s that would cause that.

37 AM

This is interesting though when I look at your page source

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name="theme-color" content="#000000"><link rel="manifest" href="/manifest.json"><link rel="shortcut icon" href="/favicon.ico"><title>Christian Kirkeby</title><link href="/static/css/main.a1c4a2c7.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script type="text/javascript" src="/static/js/main.73062921.js"></script></body></html>

That’s okay, that’s just the nature of the front-end framework I’m using.

I think I’ve solved it though. I suspect the HTTP version of the site was cached through a technology (which I don’t fully understand) called a service worker, and so the Apache redirect was just trying to redirect back to my main page.

I’ll resolve this ticket for now, thanks for all your help.

1 Like

No problem, Glad you got it all working :+1:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.