Old problem fixed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mohammed2.com

I ran this command: certbot certificates

It produced this output: Found the following certs:
Certificate Name: mohammed2.com
Domains: mohammed2.com
Expiry Date: 2020-08-12 15:50:09+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/mohammed2.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mohammed2.com-001/privkey.pem
Certificate Name: mohammed2.com
Domains: mohammed2.com www.mohammed2.com
Expiry Date: 2020-08-12 16:13:05+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/mohammed2.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mohammed2.com/privkey.pem

My web server is (include version): apache

The operating system my web server runs on is (include version): ubuntu 19.10

My hosting provider, if applicable, is: my own vmware | domain at: hostnet.nl

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.36.0

Je bedoelt “Ik draai het op m’n eigen Ziggo-verbinding”? Kwam op mij een beetje verwarrend over, aangezien “host.net” eigenlijk helemaal niets lijkt te zijn. (Verlopen certificaat, site redirect naar heel iets anders in de VS…)

Verder bedoelde je denk ik “Hostnet.nl” (en niet “host.net”), wat je DNS registrar lijkt te zijn, oftewel, het bedrijf waar je je .nl-domeinnaam hebt geregistreerd.

Anyway, ik krijg als ik naar betalings.nl surf alleen een placeholder van Hostnet te zien met: “Helaas was iemand je al voor. Check hieronder een andere domeinnaam.” Dat komt doordat er nog een AAAA DNS resource record (IPv6) op betalings.nl staat met als doel-IPv6-adres een adres van Hostnet. Ik denk niet dat je een IPv6 adres hebt van Ziggo? Als je dat inderdaad niet hebt, dan moet je het AAAA-record even verwijderen uit je DNS-instellingen (waarschijnlijk bij Hostnet). En anders even het goede IPv6 adres van Ziggo updaten in je DNS.

Dat zijn geen webservers. Je webserver is Apache zie ik in het antwoord van je webserver.

Goed, dat allemaal terzijde. Bovenstaande is wel belangrijk, maar niet 't probleem waar je dit topic voor aanmaakte. Om dat te kunnen beantwoorden, wil ik graag nog iets van je weten:

Welk commando heb je gebruikt om überhaupt het certificaat te verkrijgen?

Hi @monkeydluffy

there is a check of your domain, created last night - 14.05.2020 01:57:32 - https://check-your-website.server-daten.de/?q=betalings.nl

There was a ~~working configuration, creating a screenshot worked with https://betalings.nl/

Only the certificate was wrong.

	CN=*.hostnetbv.nl, OU=PositiveSSL Wildcard

Now it doesn’t work, there is a bad request.

You have root access. So it looks only like an installation problem.

sudo certbot --apache -d domain.nl -d www.domain.nl

i’ve reinstalled it many times today but it’s still not working

What says

apachectl -S

Disable your not working port 443 vHost, then you need a working port 80 vHost without duplicates.

Then (then, not before!) use certbot --reinstall -d betalings.nl -d www.betalings.nl. But that works only if your port 80 vHost config is clean and working.

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using Set the ‘ServerName’ directive globally to suppress this message
VirtualHost configuration: domain.nl (/etc/apache2/sites-enabled/domain.nl-le-ssl.conf:2) domain.nl (/etc/apache2/sites-enabled/domain.nl.conf:1)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
User: name=“www-data” id=33
Group: name=“www-data” id=33

Looks ok.

  • Make a backup
  • follow the previous explantations

i fixed the port80 vHost and reinstalled it but i still can visit my site with a SSL
the certificatie installation was a succes but it’s still not working

  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2020-08-12. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le

You didn’t.

Nobody told you to create a new certificate.

PS: And I didn’t told you something about fixing your port 80.

ow sorry i mean i edited the 80 port vHost file this:

# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.

    ServerName domain.nl
    ServerAlias www.domain.nl domain.nl
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

RewriteEngine on
RewriteCond %{SERVER_NAME} =domain.nl [OR]
RewriteCond %{SERVER_NAME} =www.domain.nl
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

i removed all the Rewrite options and check for mistakes after that i reinstalled the SSL with the command you’ve sended

this is what i get when i command: “apache2ctl configtest”

AH00526: Syntax error on line 41 of /etc/apache2/sites-enabled/domain.nl-le-ssl.conf:
SSLCertificateFile: file ‘/etc/letsencrypt/live/domain.nl/fullchain.pem’ does not exist or is empty
Action ‘configtest’ failed.
The Apache error log may have more information.

but i checked my fullchain.pem and it is there. i can cat the fullchain.pem

i’ve already fixed the problem

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.