Hello,
Excuse me, I don't know this question is OK for here or not. I want to redirect an IP address to a website with Apache. I'm using Let's Encrypt and configured Apache for this task but when I entered the IP address in the browser then it show me " Your connection is not private". I want to know can it because of I did Let's Encrypt wrong?
Thank you.
Hi @Hack3rcon,
This is a frequently asked question here, although I don't have a prior thread about it bookmarked,
The short answer is that this behavior is expected. Let's Encrypt doesn't issue certificates for IP addresses, and the certificate covers specific names. The browser matches the name, not the IP address, when validating a certificate. That means that you can have different ways of accessing the same server (under different addresses) where some of them succeed and others fail. This includes accessing it by IP address.
There are a couple of paid CAs that may be able to issue a certificate for an IP address; the browser won't accept this for HTTPS otherwise. Typically the recommended solution is simply to always access your site by name, not IP address, when trying to connect with HTTPS.
Note: Let's Encrypt currently is planning on supporting IP addresses in their certificates: https://letsencrypt.org/upcoming-features/#ip-addresses-in-certificates
No clue when though..
Thank you.
When it is ready?
Thus, a configuration like below is useless:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^1\.2\.3\.4$
RewriteRule /.* https://mydomain.com/ [R]
</VirtualHost>?
I literally said that I don't know when.
No, because that's your HTTP (port 80) virtualhost, so you're redirecting from HTTP IP address to HTTPS hostname. That's fine and will work if people type in your IP address in their browser.
However, it doesn't redirect from your IP address through HTTPS to your hostname. That would be the port 443 virtualhost, but you wouldn't be able to get a Let's Encrypt certificate for that IP address, currently. Nut sure when people deliberately would type https://1.2.3.4 in their address bar though.
I'm pretty sure this prevents redirection to https if the hostname is 1.2.3.4. Correct me if I'm wrong though.
Syntax: RewriteCond TestString CondPattern [flags]
You can prefix the pattern string with a '!' character (exclamation mark) to negate the result of the condition, no matter what kind of CondPattern is used.
https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritecond
No, that redirects http to https unless IP address 1.2.3.4 is used.
When I enter the IP address of the server in the Browser then it show me “Your Connection Is Not Private”.
How can I fix it?
Can you edit that configuration?
To get HTTPS, you would need a certificate for an IP address, which Let's Encrypt currently doesn't offer. I've heard rumor somewhere that they might in the future, but as to when that may be I am unsure.
If you're just trying to harden your configuration, you could try just refusing direct IP connections outright, unless you have some need for them.
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^1\.2\.3\.4$
RewriteRule ^ - [F]
RewriteRule ^ https://mydomain.com%{REQUEST_URI} [QSA,R=301,L]
</VirtualHost>
You could also try this. It may work for you.
<VirtualHost *:80>
RewriteEngine On
RewriteRule ^ https://mydomain.com%{REQUEST_URI} [QSA,R=301,L]
</VirtualHost>
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.