Secured Connection but ERR_TOO_MANY_REDIRECTS on HTTP and HTTPS

Help
21

Alright. I probably lost all the html files.

Anywho.

Going back to the issue of you having two active SSL files using the same domain name, I deleted one of the port 443 nameserver vhost by running
sudo rm /etc/apache2/sites-enabled/000-default-le-ssl.conf

When I go to ‘apachectl -S’, this is what I get:
VirtualHost configuration:
*:443 mukinoy.com (/etc/apache2/sites-enabled/default-ssl.conf:2)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33

Has this fixed the issue of duplicated definitions?

22

That is not the preferred way to "delete" config files.

23

What is the preferred way?

Has this fixed the issue of duplicated definitions?

24

The proper way is to “enable” or “disable” them using:
a2ensite vhost
a2dissite vhost

25

And again, we are getting side-tracked.
So, you used a sledgehammer to "delete" the file - no worries.
Let's move on to the problem at hand.

...maybe...
What does say:
apachectl -S

26

It shows this:

image
image1138×720 101 KB

27

This is much better.
Can you now get a cert/renew existing cert?

28

Yay! Do you mean by running sudo certbot renew --dry-run?

1 Like
29

Yes, please try that now.

30

image
image.png1134×798 86 KB

This is what it shows!

But would you mind explaining how the connections went back to not secure?

image
image.jpg2020×1590 254 KB

Thank you for your patience :slight_smile:

1 Like
31

--dry-run only simulates an action.
Now that we know it will work, go ahead and do it for real:
certbot renew

32

Here it is:

image
image1126×446 35.7 KB

33

well that is good news.
Please show:
certbot certificates
[to review them]

And let's get further into...

34

Thank goodness. Here:

image
image1142×308 38.5 KB

35

Excellent - that renewed like yesterday.

Now about the secure/insecure.
Please show the vhost config for port 80.
[I think it was named …default…]
Look in /etc/apache2/sites-enabled/
[not the SSL file]

36

I think you chose to delete the wrong file:
sudo rm /etc/apache2/sites-enabled/000-default-le-ssl.conf

But we can fix that.
Please show:
ls -l /etc/apache2/sites-enabled/

37

This is what comes up:
total 0

lrwxrwxrwx 1 root root 35 Nov 17 00:46 **default-ssl.conf** -> ../sites-available/default-ssl.conf

As for /etc/apache2/sites-enabled/:

image
image1126×1560 211 KB

38

OK that site is using the wrong cert.
We can either:

  • modify it manually to use the correct cert
  • delete it and have cerbot recreate a new file

Your choice.

39

How can we do this? I don't want to delete things anymore because I might accidentally delete a web folder again without realizing :--(

1 Like
40

Using your fav editor (I use VI), edit file:
/etc/apache2/sites-enabled/default-ssl.conf
and replace the file locations for:

SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

with:

SSLCertificateFile    /etc/letsencrypt/live/munikoy.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/munikoy.com/privkey.pem

Then reload/restart Apache.