Made some progress. I was able to install the certificate, but can’t login. Please check https://quantumstat.us/auth/login. If you try to login with any username and password you get

This page isn’t working

quantumstat.us didn’t send any data.

ERR_EMPTY_RESPONSE

in Chrome.

I’d appreciate the help. Below is what is in the log. It reads “mod_md support is unavailable.” Could this be the problem?

[Thu Feb 21 02:36:20.659925 2019] [ssl:info] [pid 9118:tid 139991896505280] AH01914: Configuring server quantumstat.us:443 for SSL protocol

[Thu Feb 21 02:36:20.662104 2019] [ssl:debug] [pid 9118:tid 139991896505280] ssl_engine_init.c(1701): AH10083: Init: (quantumstat.us:443) mod_md support is unavailable.

[Thu Feb 21 02:36:20.662347 2019] [ssl:debug] [pid 9118:tid 139991896505280] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling

[Thu Feb 21 02:36:20.662615 2019] [ssl:debug] [pid 9118:tid 139991896505280] ssl_util_ssl.c(476): AH02412: [quantumstat.us:443] Cert matches for name ‘quantumstat.us’ [subject: CN=quantumstat.us / issuer: CN=Let’s Encrypt Authority X3,O=Let’s Encrypt,C=US / serial: 03FE51E9AEFF3533CE4E2528B14DEDB10FF9 / notbefore: Feb 21 00:00:18 2019 GMT / notafter: May 22 00:00:18 2019 GMT]

[Thu Feb 21 02:36:20.662625 2019] [ssl:info] [pid 9118:tid 139991896505280] AH02568: Certificate and private key quantumstat.us:443:0 configured from /etc/letsencrypt/live/quantumstat.us/fullchain.pem and /etc/letsencrypt/live/quantumstat.us/privkey.pem

[Thu Feb 21 02:36:20.686294 2019] [ssl:info] [pid 9119:tid 139991896505280] AH01914: Configuring server quantumstat.us:443 for SSL protocol

[Thu Feb 21 02:36:20.686319 2019] [ssl:debug] [pid 9119:tid 139991896505280] ssl_engine_init.c(1701): AH10083: Init: (quantumstat.us:443) mod_md support is unavailable.

[Thu Feb 21 02:36:20.686451 2019] [ssl:debug] [pid 9119:tid 139991896505280] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling

[Thu Feb 21 02:36:20.686668 2019] [ssl:debug] [pid 9119:tid 139991896505280] ssl_util_ssl.c(476): AH02412: [quantumstat.us:443] Cert matches for name ‘quantumstat.us’ [subject: CN=quantumstat.us / issuer: CN=Let’s Encrypt Authority X3,O=Let’s Encrypt,C=US / serial: 03FE51E9AEFF3533CE4E2528B14DEDB10FF9 / notbefore: Feb 21 00:00:18 2019 GMT / notafter: May 22 00:00:18 2019 GMT]

[Thu Feb 21 02:36:20.686680 2019] [ssl:info] [pid 9119:tid 139991896505280] AH02568: Certificate and private key quantumstat.us:443:0 configured from /etc/letsencrypt/live/quantumstat.us/fullchain.pem and /etc/letsencrypt/live/quantumstat.us/privkey.pem

[Thu Feb 21 02:36:26.172337 2019] [ssl:info] [pid 9121:tid 139991757870848] [client 98.7.70.54:38615] AH01964: Connection to child 5 established (server quantumstat.us:443)

[Thu Feb 21 02:36:26.172866 2019] [socache_shmcb:debug] [pid 9121:tid 139991757870848] mod_socache_shmcb.c(532): AH00835: socache_shmcb_retrieve (0x50 -> subcache 16)

[Thu Feb 21 02:36:26.172905 2019] [socache_shmcb:debug] [pid 9121:tid 139991757870848] mod_socache_shmcb.c(917): AH00851: shmcb_subcache_retrieve found no match

[Thu Feb 21 02:36:26.172913 2019] [socache_shmcb:debug] [pid 9121:tid 139991757870848] mod_socache_shmcb.c(542): AH00836: leaving socache_shmcb_retrieve successfully

[Thu Feb 21 02:36:26.172952 2019] [ssl:debug] [pid 9121:tid 139991757870848] ssl_engine_kernel.c(2141): [client 98.7.70.54:38615] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.173011 2019] [ssl:debug] [pid 9121:tid 139991757870848] ssl_engine_kernel.c(2141): [client 98.7.70.54:38615] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.173020 2019] [core:debug] [pid 9121:tid 139991757870848] protocol.c(2314): [client 98.7.70.54:38615] AH03155: select protocol from , choices=h2,http/1.1 for server quantumstat.us

[Thu Feb 21 02:36:26.176510 2019] [ssl:info] [pid 9121:tid 139991749478144] [client 98.7.70.54:38928] AH01964: Connection to child 6 established (server quantumstat.us:443)

[Thu Feb 21 02:36:26.176737 2019] [socache_shmcb:debug] [pid 9121:tid 139991749478144] mod_socache_shmcb.c(532): AH00835: socache_shmcb_retrieve (0x02 -> subcache 2)

[Thu Feb 21 02:36:26.176755 2019] [socache_shmcb:debug] [pid 9121:tid 139991749478144] mod_socache_shmcb.c(917): AH00851: shmcb_subcache_retrieve found no match

[Thu Feb 21 02:36:26.176761 2019] [socache_shmcb:debug] [pid 9121:tid 139991749478144] mod_socache_shmcb.c(542): AH00836: leaving socache_shmcb_retrieve successfully

[Thu Feb 21 02:36:26.176779 2019] [ssl:debug] [pid 9121:tid 139991749478144] ssl_engine_kernel.c(2141): [client 98.7.70.54:38928] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.176823 2019] [ssl:debug] [pid 9121:tid 139991749478144] ssl_engine_kernel.c(2141): [client 98.7.70.54:38928] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.176831 2019] [core:debug] [pid 9121:tid 139991749478144] protocol.c(2314): [client 98.7.70.54:38928] AH03155: select protocol from , choices=h2,http/1.1 for server quantumstat.us

[Thu Feb 21 02:36:26.191444 2019] [ssl:debug] [pid 9121:tid 139991757870848] ssl_engine_kernel.c(2069): [client 98.7.70.54:38615] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)

[Thu Feb 21 02:36:26.196069 2019] [ssl:debug] [pid 9121:tid 139991749478144] ssl_engine_kernel.c(2069): [client 98.7.70.54:38928] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)

[Thu Feb 21 02:36:26.207532 2019] [ssl:debug] [pid 9121:tid 139991757870848] ssl_engine_kernel.c(377): [client 98.7.70.54:38615] AH02034: Initial (No.1) HTTPS request received for child 5 (server quantumstat.us:443)

[Thu Feb 21 02:36:26.207656 2019] [authz_core:debug] [pid 9121:tid 139991757870848] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of Require all granted: granted

[Thu Feb 21 02:36:26.207665 2019] [authz_core:debug] [pid 9121:tid 139991757870848] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of <RequireAny>: granted

[Thu Feb 21 02:36:26.207752 2019] [authz_core:debug] [pid 9121:tid 139991757870848] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of Require all granted: granted

[Thu Feb 21 02:36:26.207759 2019] [authz_core:debug] [pid 9121:tid 139991757870848] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of <RequireAny>: granted

[Thu Feb 21 02:36:26.215693 2019] [wsgi:info] [pid 9121:tid 139991757870848] [client 98.7.70.54:38615] mod_wsgi (pid=9121, process=’’, application=‘quantumstat.us|’): Loading WSGI script ‘/var/www/html/researchcenter/researchcenter.wsgi’.

[Thu Feb 21 02:36:26.785989 2019] [deflate:debug] [pid 9121:tid 139991757870848] mod_deflate.c(853): [client 98.7.70.54:38615] AH01384: Zlib: Compressed 7073 to 2116 : URL /auth/login

[Thu Feb 21 02:36:26.863440 2019] [ssl:debug] [pid 9121:tid 139991741085440] ssl_engine_kernel.c(377): [client 98.7.70.54:38615] AH02034: Subsequent (No.2) HTTPS request received for child 7 (server quantumstat.us:443), referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.863561 2019] [authz_core:debug] [pid 9121:tid 139991741085440] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of Require all granted: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.863570 2019] [authz_core:debug] [pid 9121:tid 139991741085440] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of <RequireAny>: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.864316 2019] [deflate:debug] [pid 9121:tid 139991741085440] mod_deflate.c(853): [client 98.7.70.54:38615] AH01384: Zlib: Compressed 16500 to 4325 : URL /static/css/research-center.css, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.864540 2019] [ssl:debug] [pid 9121:tid 139991749478144] ssl_engine_kernel.c(377): [client 98.7.70.54:38928] AH02034: Initial (No.1) HTTPS request received for child 6 (server quantumstat.us:443), referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.864588 2019] [authz_core:debug] [pid 9121:tid 139991749478144] mod_authz_core.c(820): [client 98.7.70.54:38928] AH01626: authorization result of Require all granted: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.864594 2019] [authz_core:debug] [pid 9121:tid 139991749478144] mod_authz_core.c(820): [client 98.7.70.54:38928] AH01626: authorization result of <RequireAny>: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.882850 2019] [ssl:debug] [pid 9121:tid 139991732692736] ssl_engine_kernel.c(377): [client 98.7.70.54:38615] AH02034: Subsequent (No.3) HTTPS request received for child 8 (server quantumstat.us:443), referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.882987 2019] [authz_core:debug] [pid 9121:tid 139991732692736] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of Require all granted: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.882994 2019] [authz_core:debug] [pid 9121:tid 139991732692736] mod_authz_core.c(820): [client 98.7.70.54:38615] AH01626: authorization result of <RequireAny>: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.883728 2019] [deflate:debug] [pid 9121:tid 139991732692736] mod_deflate.c(853): [client 98.7.70.54:38615] AH01384: Zlib: Compressed 19368 to 3494 : URL /static/js/research-center.js, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:26.898858 2019] [ssl:info] [pid 9122:tid 139991869302528] [client 98.7.70.54:43847] AH01964: Connection to child 64 established (server quantumstat.us:443)

[Thu Feb 21 02:36:26.899391 2019] [ssl:debug] [pid 9122:tid 139991869302528] ssl_engine_kernel.c(2141): [client 98.7.70.54:43847] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.899437 2019] [ssl:debug] [pid 9122:tid 139991869302528] ssl_engine_kernel.c(2141): [client 98.7.70.54:43847] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:26.899445 2019] [core:debug] [pid 9122:tid 139991869302528] protocol.c(2314): [client 98.7.70.54:43847] AH03155: select protocol from , choices=h2,http/1.1 for server quantumstat.us

[Thu Feb 21 02:36:26.918296 2019] [ssl:debug] [pid 9122:tid 139991869302528] ssl_engine_kernel.c(2069): [client 98.7.70.54:43847] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)

[Thu Feb 21 02:36:31.790837 2019] [ssl:debug] [pid 9121:tid 139991724300032] ssl_engine_io.c(1103): [client 98.7.70.54:38615] AH02001: Connection closed to child 9 with standard shutdown (server quantumstat.us:443)

[Thu Feb 21 02:36:31.790994 2019] [ssl:debug] [pid 9121:tid 139991724300032] ssl_engine_io.c(1103): [client 98.7.70.54:38928] AH02001: Connection closed to child 9 with standard shutdown (server quantumstat.us:443)

[Thu Feb 21 02:36:46.938484 2019] [reqtimeout:info] [pid 9122:tid 139991869302528] [client 98.7.70.54:43847] AH01382: Request header read timeout

[Thu Feb 21 02:36:46.938650 2019] [ssl:debug] [pid 9122:tid 139991869302528] ssl_engine_io.c(1103): [client 98.7.70.54:43847] AH02001: Connection closed to child 64 with standard shutdown (server quantumstat.us:443)

[Thu Feb 21 02:36:47.542184 2019] [ssl:info] [pid 9122:tid 139991852517120] [client 98.7.70.54:33174] AH01964: Connection to child 66 established (server quantumstat.us:443)

[Thu Feb 21 02:36:47.542485 2019] [ssl:debug] [pid 9122:tid 139991852517120] ssl_engine_kernel.c(2141): [client 98.7.70.54:33174] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:47.542511 2019] [ssl:debug] [pid 9122:tid 139991852517120] ssl_engine_kernel.c(2141): [client 98.7.70.54:33174] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:47.542516 2019] [core:debug] [pid 9122:tid 139991852517120] protocol.c(2314): [client 98.7.70.54:33174] AH03155: select protocol from , choices=h2,http/1.1 for server quantumstat.us

[Thu Feb 21 02:36:47.542673 2019] [ssl:info] [pid 9122:tid 139991774656256] [client 98.7.70.54:40193] AH01964: Connection to child 67 established (server quantumstat.us:443)

[Thu Feb 21 02:36:47.542832 2019] [ssl:debug] [pid 9122:tid 139991774656256] ssl_engine_kernel.c(2141): [client 98.7.70.54:40193] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:47.542854 2019] [ssl:debug] [pid 9122:tid 139991774656256] ssl_engine_kernel.c(2141): [client 98.7.70.54:40193] AH02043: SSL virtual host for servername quantumstat.us found

[Thu Feb 21 02:36:47.542858 2019] [core:debug] [pid 9122:tid 139991774656256] protocol.c(2314): [client 98.7.70.54:40193] AH03155: select protocol from , choices=h2,http/1.1 for server quantumstat.us

[Thu Feb 21 02:36:47.557212 2019] [ssl:debug] [pid 9122:tid 139991774656256] ssl_engine_kernel.c(2069): [client 98.7.70.54:40193] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)

[Thu Feb 21 02:36:47.557330 2019] [ssl:debug] [pid 9122:tid 139991852517120] ssl_engine_kernel.c(2069): [client 98.7.70.54:33174] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)

[Thu Feb 21 02:36:47.557446 2019] [ssl:debug] [pid 9122:tid 139991852517120] ssl_engine_kernel.c(377): [client 98.7.70.54:33174] AH02034: Initial (No.1) HTTPS request received for child 66 (server quantumstat.us:443), referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:47.557530 2019] [authz_core:debug] [pid 9122:tid 139991852517120] mod_authz_core.c(820): [client 98.7.70.54:33174] AH01626: authorization result of Require all granted: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:47.557539 2019] [authz_core:debug] [pid 9122:tid 139991852517120] mod_authz_core.c(820): [client 98.7.70.54:33174] AH01626: authorization result of <RequireAny>: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:47.557619 2019] [authz_core:debug] [pid 9122:tid 139991852517120] mod_authz_core.c(820): [client 98.7.70.54:33174] AH01626: authorization result of Require all granted: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:47.557625 2019] [authz_core:debug] [pid 9122:tid 139991852517120] mod_authz_core.c(820): [client 98.7.70.54:33174] AH01626: authorization result of <RequireAny>: granted, referer: https://quantumstat.us/auth/login?next=%2F

[Thu Feb 21 02:36:47.565686 2019] [wsgi:info] [pid 9122:tid 139991852517120] [client 98.7.70.54:33174] mod_wsgi (pid=9122, process=’’, application=‘quantumstat.us|’): Loading WSGI script ‘/var/www/html/researchcenter/researchcenter.wsgi’., referer: https://quantumstat.us/auth/login?next=%2F

I have a response. The SSL doesn't work. But not more specific.

Looks like you have different servers - the first is correct, the second is wrong (no SSL connection).

And a proxy in front of these, who switches. So external users with the same url - one time they see something, one time they see nothing.

@JuergenAuer - yes, you’re correct. I have 2 servers, one for quantumstat.com and the other one for quantumstat.us. quantumstat.com is a WordPress website with the ssl certificate installed . quantumstat.us is a Flask application and I can’t make the ssl certificate to work. Could you please advise on how I can debug it? Thank you.

I have no idea how this Flask application works. But you have three options:

• there is a webroot, so the ACME-client can create a file under /.well-known/acme-challenge
• you use dns-01 - validation, so a DNS txt entry is required
• you use tls-alpn-01 - validation. But I don't know enough about that, acme.sh supports that

PS: Rechecked your domain ( https://check-your-website.server-daten.de/?q=quantumstat.us ) there is an Apache.

/.well-known/acme-challenge is open and looks ok. So webroot should always work. But I have already posted all checks (create a file) and certbot commands to use.

Maybe you have changed your config in the last days.

@JuergenAuer

• I am now able to retrieve the 1234 text file I created as you suggested: http://quantumstat.us/.well-known/acme-challenge/1234.txt. So I found the webroot.

• I shouldn’t have a problem with the webroot because I was able to install the certificate. I get the following when I verify it:

[Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/quantumstat.us/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/quantumstat.us/privkey.pem
Your cert will expire on 2019-05-23. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
“certbot renew”]

I added the following on apache2.conf file:

AliasMatch ^/.well-known/acme-challenge/(.*)$ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/$1

I added the following on researchcenter-le-ssl.conf (I’m assuming I can have mulitple Alias on this file):

Alias /.well-known/acme-challenge/ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/
<Directory “/var/www/html/researchcenter/app/static/.well-known/acme-challenge/”>
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 “^(?!/.well-known/acme-challenge/[\w-]{43}$)”

I added the following on virtual hosts file called researchcenter.conf to create a redirect:
<VirtualHost *:80>
ServerName quantumstat.us
ServerAlias www.quantumstat.us
Redirect permanent / https://quantumstat.us

So, I have 2 configuration files, researchcenter.conf and researchcenter-le-ssl.conf. researchcenter.conf sets the redirect and researchcenter-le-ssl.conf sets the virtual host that listens to 443. Is this correct?

I have 3 problems:

1. Can’t login, although I can retrieve images such as https://quantumstat.us/static/images/qs-icon.png and files such as https://quantumstat.us/static/css/research-center.css

2. Can’t redirect http:// to https:// although I included Redirect permanent / https://quantumstat.us o the conf file (please see above)

3. /.well-known/acme-challenge/ was never generated by let’sEncript; I added it manually.

Please help. Thank you in advance.

Yep, your certificate

CN=quantumstat.us
	23.02.2019
	24.05.2019
expires in 89 days	quantumstat.us, www.quantumstat.us - 2 entries

is now ok, your both https connections are secure.

But that

looks like it doesn't work. Rechecked your website

there is a redirect to the login form. Looks that your vHost isn't used, instead another vHost is used.

Result: You have Grade H, because there is no redirect http -> https.

Do you have other vHosts with the same ServerName?

A combination of vHost and port must be unique.

The third problem - ignore it if the certificate creation doesn't work.

That's with your login is curious. Is there another, second webserver? I don't understand that "empty result".

Chrome says (after login with test/test):

ERR_EMPTY_RESPONSE

Looks like your application has an error and sends nothing back. Not a page, not a http status code. So a browser doesn't know what to do.

Good news! Thank you.

In order to access quantumstat.us, we need to be logged in. So, quantumstat.us redirects to the login page because we're not logged in.

RE: "Looks that your vHost isn’t used, instead another vHost is used." I have 2 vhosts:

researchcenter.config:
<VirtualHost *:80>
ServerName quantumstat.us
ServerAlias www.quantumstat.us
Redirect permanent / https://quantumstat.us

and researchcenter-le-ssl.conf:
<IfModule mod_ssl.c>

<VirtualHost *:443>
ServerName quantumstat.us
ServerAlias www.quantumstat.us
ServerAdmin info@quantumstat.com

WSGIScriptAlias / /var/www/html/researchcenter/researchcenter.wsgi
<Directory /var/www/html/researchcenter/app/>
Order allow,deny
Allow from all

Alias /static /var/www/html/researchcenter/app/static
<Directory /var/www/researchcenter/app/static/>
Order allow,deny
Allow from all

ErrorLog /var/www/html/researchcenter/logs/error.log
LogLevel debug
CustomLog /var/www/html/researchcenter/logs/access.log combined

Alias /.well-known/acme-challenge/ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/
<Directory "/var/www/html/researchcenter/app/static/.well-known/acme-challenge/">
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 "^(?!/.well-known/acme-challenge/[\w-]{43}$)"

SSLCertificateFile /etc/letsencrypt/live/quantumstat.us/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/quantumstat.us/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

RE: " Is there another, second webserver?" No, quantumstat.us only uses one server that is droplet from DigitalOcean.

Your redirect redirects only the /. So use something like

RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

in your port 80 block. Then recheck the domain to see if /.well-known/acme-challenge is redirected.

But I think it will not work. Because your current redirect doesn't work, so you must have additional definitions, so that vHost isn't used.

Is there a standard-vHost (port 80 / port 443)?

@JuergenAuer -

I have now just one vhost file:

<VirtualHost *:80>

ServerName quantumstat.us
ServerAlias www.quantumstat.us
Redirect permanent / https://quantumstat.us
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

<VirtualHost *:443>

ServerName quantumstat.us
ServerAlias www.quantumstat.us
ServerAdmin info@quantumstat.com

WSGIScriptAlias / /var/www/html/researchcenter/researchcenter.wsgi
<Directory /var/www/html/researchcenter/app/>
Order allow,deny
Allow from all

Alias /static /var/www/html/researchcenter/app/static
<Directory /var/www/researchcenter/app/static/>
Order allow,deny
Allow from all

ErrorLog /var/www/html/researchcenter/logs/error.log
LogLevel debug
CustomLog /var/www/html/researchcenter/logs/access.log combined

Alias /.well-known/acme-challenge/ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/
<Directory “/var/www/html/researchcenter/app/static/.well-known/acme-challenge/”>
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 “^(?!/.well-known/acme-challenge/[\w-]{43}$)”

SSLCertificateFile /etc/letsencrypt/live/quantumstat.us/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/quantumstat.us/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

It doesn’t do the redirect. I included RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] inside the port 80 block.

Do you have closing elements?

<VirtualHost *:80>

ServerName quantumstat.us
ServerAlias www.quantumstat.us
Redirect permanent / https://quantumstat.us
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

</VirtualHost>

Yes, but they don’t display on the message

Use three ` then a new line, then the content, then the next three ``` to close.

‘’’ <IfModule mod_ssl.c>

<VirtualHost *:80>

ServerName quantumstat.us

ServerAlias www.quantumstat.us

Redirect permanent / https://quantumstat.us

RewriteEngine on

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

</VirtualHost>

<VirtualHost *:443>

ServerName quantumstat.us

ServerAlias www.quantumstat.us

ServerAdmin info@quantumstat.com

WSGIScriptAlias / /var/www/html/researchcenter/researchcenter.wsgi

<Directory /var/www/html/researchcenter/app/>

Order allow,deny

Allow from all

</Directory>

Alias /static /var/www/html/researchcenter/app/static

<Directory /var/www/researchcenter/app/static/>

Order allow,deny

Allow from all

</Directory>

ErrorLog /var/www/html/researchcenter/logs/error.log

LogLevel debug

CustomLog /var/www/html/researchcenter/logs/access.log combined

Alias /.well-known/acme-challenge/ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/

<Directory “/var/www/html/researchcenter/app/static/.well-known/acme-challenge/”>

Options None

AllowOverride None

ForceType text/plain

RedirectMatch 404 “^(?!/.well-known/acme-challenge/[\w-]{43}$)”

</Directory>

SSLCertificateFile /etc/letsencrypt/live/quantumstat.us/fullchain.pem

SSLCertificateKeyFile /etc/letsencrypt/live/quantumstat.us/privkey.pem

Include /etc/letsencrypt/options-ssl-apache.conf

</VirtualHost>

</IfModule>’’’

Not the Sql ', instead the accent grave - Accent grave è - with a following blank.

<IfModule mod_ssl.c>

<VirtualHost *:80>
	ServerName quantumstat.us
	ServerAlias www.quantumstat.us
	Redirect permanent / https://quantumstat.us
	RewriteEngine on
	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
		ServerName quantumstat.us
		ServerAlias www.quantumstat.us
		ServerAdmin info@quantumstat.com
		WSGIScriptAlias / /var/www/html/researchcenter/researchcenter.wsgi
		<Directory /var/www/html/researchcenter/app/>
			Order allow,deny
			Allow from all
		</Directory>
		Alias /static /var/www/html/researchcenter/app/static
		<Directory /var/www/researchcenter/app/static/>
			Order allow,deny
			Allow from all
		</Directory>
		ErrorLog /var/www/html/researchcenter/logs/error.log
		LogLevel debug
		CustomLog /var/www/html/researchcenter/logs/access.log combined
		
		Alias /.well-known/acme-challenge/ /var/www/html/researchcenter/app/static/.well-known/acme-challenge/
		<Directory "/var/www/html/researchcenter/app/static/.well-known/acme-challenge/">
			Options None
			AllowOverride None
			ForceType text/plain
			RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
		</Directory>


SSLCertificateFile /etc/letsencrypt/live/quantumstat.us/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/quantumstat.us/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>```

PS: The result - no redirect http -> https, only / -> login. Is there a .htaccess?

I don’t think I have one. At least, I didn’t create one.

I made an adjustment to the code above to include <IfModule mod_ssl.c>
in the beginning. It was missing on this page, but not on the virtual host file

Isn’t it possible that this “flask” ignores all these config files?

Does that has it’s own files?

I’m not sure. I built this flask application using the mega tutorial by Miguel Grinberg. He wrote an article on how to install an ssl certificate in nginx. Please see bottom of the article at https://blog.miguelgrinberg.com/post/running-your-flask-application-over-https

Thank you in advance.