Secured Connection but ERR_TOO_MANY_REDIRECTS on HTTP and HTTPS

Alright. I probably lost all the html files.

Anywho.

Going back to the issue of you having two active SSL files using the same domain name, I deleted one of the port 443 nameserver vhost by running
sudo rm /etc/apache2/sites-enabled/000-default-le-ssl.conf

When I go to ‘apachectl -S’, this is what I get:
VirtualHost configuration:
*:443 mukinoy.com (/etc/apache2/sites-enabled/default-ssl.conf:2)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33

Has this fixed the issue of duplicated definitions?

That is not the preferred way to "delete" config files.

What is the preferred way?

Has this fixed the issue of duplicated definitions?

The proper way is to “enable” or “disable” them using:
a2ensite vhost
a2dissite vhost

And again, we are getting side-tracked.
So, you used a sledgehammer to "delete" the file - no worries.
Let's move on to the problem at hand.

...maybe...
What does say:
apachectl -S

It shows this:

This is much better.
Can you now get a cert/renew existing cert?

Yay! Do you mean by running sudo certbot renew --dry-run?

1 Like

Yes, please try that now.


This is what it shows!

But would you mind explaining how the connections went back to not secure?

Thank you for your patience :slight_smile:

1 Like

--dry-run only simulates an action.
Now that we know it will work, go ahead and do it for real:
certbot renew

Here it is:

well that is good news.
Please show:
certbot certificates
[to review them]

And let's get further into...

Thank goodness. Here:

Excellent - that renewed like yesterday.

Now about the secure/insecure.
Please show the vhost config for port 80.
[I think it was named …default…]
Look in /etc/apache2/sites-enabled/
[not the SSL file]

I think you chose to delete the wrong file:
sudo rm /etc/apache2/sites-enabled/000-default-le-ssl.conf

But we can fix that.
Please show:
ls -l /etc/apache2/sites-enabled/

This is what comes up:
total 0

lrwxrwxrwx 1 root root 35 Nov 17 00:46 **default-ssl.conf** -> ../sites-available/default-ssl.conf

As for /etc/apache2/sites-enabled/:

OK that site is using the wrong cert.
We can either:

  • modify it manually to use the correct cert
  • delete it and have cerbot recreate a new file

Your choice.

How can we do this? I don't want to delete things anymore because I might accidentally delete a web folder again without realizing :--(

1 Like

Using your fav editor (I use VI), edit file:
/etc/apache2/sites-enabled/default-ssl.conf
and replace the file locations for:

SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

with:

SSLCertificateFile    /etc/letsencrypt/live/munikoy.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/munikoy.com/privkey.pem

Then reload/restart Apache.