Problem with subdomains


#1

Hello,

I started using letsencrypt in my server.

I have 3 domains:

domain.org -> /var/www/domain
www.domain.org -> /var/www/domain
test.domain.org -> -> /var/www/testdomain

I use cerbot and run the following command:

cerbot --apache -d domain.org -d www.domain.org -d test.domain.org

when I did that, and tried to access domain.org firefoz gives the error: “The website is not configured correctly and it is not secure…”

So I had to delete all le-ssl.conf files and ran:

cerbot --apache -d domain.org -d www.domain.org

And the domain.org started working properly, no errors shown in firefox. But now, if I access http://test.domain.org it redirects to https://test.domain.org and intead of using the directory /var/www/testdomain which is the correct for it, it uses /var/www/domain

I then tried

cerbot --apache -d test.domain.org

But the firefox error comes along when I try to access domain.org.

Has anyone any idea what may be happening? Any workaround?

Here is my test.domain.org.conf

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin something@domain.org
        ServerName test.domain.org
        ServerAlias domain.org
        DocumentRoot /var/www/testdomain

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

And here is my domain.org-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>

        ServerAdmin something@domain.org
        ServerName domain.org
        ServerAlias www.domain.org
        DocumentRoot /var/www/domain


        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.

# RewriteCond %{SERVER_NAME} =domain.org [OR]
# RewriteCond %{SERVER_NAME} =www.domain.org
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Many thanks


#2

Your test domain is only bound to port 80.
Your 443 binding needs to include:
“serverAlias test.domain.org

Also, why does it include
Include /etc/letsencrypt/options-ssl-apache.conf
15 times?


#3

Certbot bug. It was fixed in 0.22.0.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.