My main domain has SSL and my subdomain dont have SSL

Nolife159159 · March 14, 2023, 11:44pm

yeah how can i fix this ?

rg305 · March 14, 2023, 11:45pm

Since I see:
Server: Apache/2.4.54 (Debian)

I would think we should start troubleshooting that with:
sudo apachectl -t -D DUMP_VHOSTS

Nolife159159 · March 14, 2023, 11:46pm

well i have this

sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:80                   qkqy.c.dedikuoti.lt (/etc/apache2/sites-enabled/000-default.conf:1)
*:443                  is a NameVirtualHost
         default server qkqy.c.dedikuoti.lt (/etc/apache2/sites-enabled/default-ssl.conf:2)
         port 443 namevhost qkqy.c.dedikuoti.lt (/etc/apache2/sites-enabled/default-ssl.conf:2)
         port 443 namevhost lerg.lt (/etc/apache2/sites-enabled/lerg.lt-le-ssl.conf:2)
                 alias www.lerg.lt
         port 443 namevhost lerg.lt (/etc/apache2/sites-enabled/lerg.lt.conf:1)
                 alias www.lerg.lt
         port 443 namevhost vvp.lerg.lt (/etc/apache2/sites-enabled/lergvvp.lt.conf
``

rg305 · March 14, 2023, 11:46pm

Also, you might want to include the IPv6 address in DNS:

curl -Ii [2a02:7b40:50d1:ed2a::1]
HTTP/1.1 400 Bad Request
Date: Tue, 14 Mar 2023 23:45:57 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 447
Connection: close
Content-Type: text/html; charset=iso-8859-1

Nolife159159 · March 14, 2023, 11:47pm

How can i include ?

rg305 · March 14, 2023, 11:49pm

Nolife159159:

*:80 qkqy.c.dedikuoti.lt (/etc/apache2/sites-enabled/000-default.conf:1)

port 443 namevhost lerg.lt (/etc/apache2/sites-enabled/lerg.lt-le-ssl.conf:2)
         alias www.lerg.lt
port 443 namevhost lerg.lt (/etc/apache2/sites-enabled/lerg.lt.conf:1)
         alias www.lerg.lt

port 443 namevhost vvp.lerg.lt (/etc/apache2/sites-enabled/lergvvp.lt.conf

Well, that's a hot mess!

A. There is only one HTTP [port 80] listener.
B. Two files are serving the same name:port combination [overlap]
C. The vvp name is using HTTPS (without a valid cert for that name)?

rg305 · March 14, 2023, 11:49pm

Where do you set your DNS records?

Bruce5051 · March 14, 2023, 11:49pm

I didn't see any DNS AAAA Records.

Nolife159159 · March 14, 2023, 11:50pm

i have a site where can i add DNS records

Nolife159159 · March 14, 2023, 11:51pm

What i need to set as AAA record?

rg305 · March 14, 2023, 11:51pm

Lookie here:

Name:      qkqy.c.dedikuoti.lt
Addresses: 2a02:7b40:50d1:ed2a::1
           80.209.237.42

If it was included, why would it then need to be added?!?!?! - LOL

rg305 · March 14, 2023, 11:51pm

It is NOT required, but since it works, you should use it.
It's four As: "AAAA"

Bruce5051 · March 14, 2023, 11:52pm

Ah, OK; I missed it!

Nolife159159 · March 14, 2023, 11:52pm

How can i fix them ?

rg305 · March 14, 2023, 11:52pm

aaaah....
One at a time???

Nolife159159 · March 14, 2023, 11:53pm

Yeah where i should start about fixing those issues?

Nolife159159 · March 14, 2023, 11:59pm

so if i understanding it right i can remove one of those?

port 443 namevhost lerg.lt (/etc/apache2/sites-enabled/lerg.lt-le-ssl.conf:2)
         alias www.lerg.lt

?

Nolife159159 · March 15, 2023, 12:02am

Yeah cause not sure how can i validate the cert

do i need to have multiple ones?

rg305 · March 15, 2023, 12:15am

No; But to simplify automation, you should handle all the HTTP ACME challenge requests there.

Nelixus159123 · March 15, 2023, 12:22am

Getting back to this it seems that www.lerg.lt and lerg.lt are fine but vvp.lerg.lt has Certificate name mismatch (Also had to create new acc cause that one reached Posting limit)