i am sorry because of my possibly stupid question but i am not able to figure out what i am doing wrong and hope you to give me some hint. Also sorry for my bad english.
I want to install lets encrypt certificate on my server, using a tld and a subdomain.
These are the two vhost config files in /etc/apache2/sites-available
nextcloud.conf
<VirtualHost *:80>
DocumentRoot /var/www/nextcloud/
ServerName cloud.dennisbuehler.de
ServerAdmin dennisbuehler@mailbox.org
<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
<IfModule mod_dav.c>
Dav off
</IfModule>
</Directory>
ErrorLog ${APACHE_LOG_DIR}/nextcloud-error.log
CustomLog ${APACHE_LOG_DIR}/nextcloud-access.log combined
</VirtualHost>
i only can install a certificate for nextcloud subdomain but not for the tld. When i choose Redirect Certbot says..
Failed redirect for dennisbuehler.de
Unable to set enhancement redirect for dennisbuehler.de
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
Both *conf files are enabled with a2ensite, 000-default.conf is disabled with a2dissite..
...and i do not understand what i am doing wrong or what i have to change. Perhaps someone is kind to help me. i would be really thankfull.
Hey @schoen@rg305 thank you so much for trying to help me.
ls -l /etc/apache2/sites-enabled says..
total 0
lrwxrwxrwx 1 root root 37 Mar 21 19:16 dennisbuehler.conf -> ../sites-available/dennisbuehler.conf
lrwxrwxrwx 1 root root 33 Mar 20 19:23 nextcloud.conf -> ../sites-available/nextcloud.conf
lrwxrwxrwx 1 root root 50 Mar 11 12:00 nextcloud-le-ssl.conf -> /etc/apache2/sites-available/nextcloud-le-ssl.conf
apachectl -t -D DUMP_VHOSTS says...
VirtualHost configuration:
*:443 cloud.dennisbuehler.de (/etc/apache2/sites-enabled/nextcloud-le-ssl.conf:2)
*:80 is a NameVirtualHost
default server dennisbuehler.de (/etc/apache2/sites-enabled/dennisbuehler.conf:1)
port 80 namevhost dennisbuehler.de (/etc/apache2/sites-enabled/dennisbuehler.conf:1)
port 80 namevhost cloud.dennisbuehler.de (/etc/apache2/sites-enabled/nextcloud.conf:1)
Usually you would have been presented with a questionnaire when opening a thread in the #help section. Maybe it didn't show up, or maybe you deleted it for some weird reason. But let's get it back anyway:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: dennisbuehler.de
2: cloud.dennisbuehler.de
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/dennisbuehler.de.conf)
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/nextcloud-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/nextcloud-le-ssl.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Failed redirect for dennisbuehler.de
Unable to set enhancement redirect for dennisbuehler.de
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
IMPORTANT NOTES:
- We were unable to set up enhancement redirect for your server,
however, we successfully installed your certificate.
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dennisbuehler.de/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dennisbuehler.de/privkey.pem
Your cert will expire on 2023-06-18. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
My webserver is;
Server version: Apache/2.4.41 (Ubuntu)
Server built: 2023-03-08T17:32:54
