Server connection timing out after getting certificate

I'm new to web hosting and trying to set up a simple web portal for my business. I believe I correctly installed certbot and had 2 certificates issued, one for pfd-portal.com and www.pfd-portal.com. I used the DigitalOcean method of installing Let's Encrypt. Here: How To Secure Apache with Let's Encrypt on Ubuntu 20.04 | DigitalOcean

I believe the problem might be with the fact that even though I'm using a server in my office, I'm using GoDaddy as a DNS, and apparently that can cause issues? Like I said, I'm new to this and a bit clueless.

My domain is: www.pfd-portal.com

I ran this command: I used the process of installing and requesting a certificate from DigitalOcean

It produced this output: The server connection times out whether I try to connect with http or https. I am still able to remotely connect to the server using an SSH connection through Putty.

My web server is (include version): apache/2.4.52 (ubuntu)

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I don't understand this question.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

Hi @MTP, and welcome to the LE community forum

I can reach the site via HTTP - but NOT via HTTPS.
You may need to check the firewall(s).

curl -Ii pfd-portal.com
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Aug 2022 22:44:27 GMT
Server: Apache/2.4.52 (Ubuntu)
Location: https://pfd-portal.com/
Content-Type: text/html; charset=iso-8859-1

Thanks for the quick response.

So when I use sudo ufw status, it says that Apache Full and Apache Full (v6) are allowed everywhere, which I believe means that it should allow traffic through?

Or have I misunderstood?


Sounds about right.
Let's check Apache, with:
apachectl -t -D DUMP_VHOSTS


I got this error when I ran the command:

SSLCertificateFile: file '/etc/letsencrypt/live/www.pfd-portal.com/fullchain.pem' does not exist or is empty
Action '-t -D DUMP_VHOSTS' failed.

When I checked the apache error log I get this error repeated:

[pid 881] AH00171: Graceful restart requested, doing restart
[pid 881] AH01909: pfd-portal.com:443:0 server certificate does NOT include an ID which matches the server name

Try:
sudo apachectl -t -D DUMP_VHOSTS


Ah yeah, forgot about sudo, sorry!

This time it returned this:

*:443 pfd-portal.com (/etc/apache2/sites-enabled/pfd-portal-le-ssl.conf:2)
*:80 pfd-portal.com (/etc/apache2/sites-enabled/pfd-portal.conf:1)

Edit:

Is there any chance that this may be a router firewall error? I'm not in the office for a few hours, but from memory I've not enabled port 443 for port forwarding.

Looks good(ish).
I don't see any "www" there.

Show file:
/etc/apache2/sites-enabled/pfd-portal.conf


That is a requirement - so, yes:


Thanks for the help, I'll try this and see if it works in the morning!


Out of interest I assume this means that certbot/letsencrypt auto configures the https on a specific port?

Just for a bit of context in case anyone else runs into this issue.

HTTPS needs to run on port 443.
[HTTP runs on port 80]
So... yes, the file:

created by certbot uses port 443 for the HTTPS enabled vhost.


Once again, thank you!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
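
An added example, not part of the original thread: a small Python probe for the symptom discussed above (port 80 answers, port 443 times out). It classifies each TCP connect as open, refused or timeout and maps the pair to the layer to inspect next; the function names, result strings and the example.com default are assumptions of this example, and it is meant to be run from a host outside the server's own network.

```python
import socket
import sys


def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt: open, refused, timeout or error:<type>."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        # No answer to the SYN: a packet filter dropped it or no port forward exists.
        return "timeout"
    except ConnectionRefusedError:
        # A reset came back: the host (or a rejecting firewall) was reached,
        # but nothing accepted the connection on that port.
        return "refused"
    except OSError as exc:
        # DNS failure, unreachable network and similar errors.
        return "error:" + type(exc).__name__


def diagnose(http, https):
    """Map the states of ports 80 and 443 to the layer to inspect next."""
    if https == "open":
        return "443 reachable: inspect the certificate and vhost names next"
    if https == "timeout" and http == "open":
        return ("80 answers but 443 is silently dropped: check the router "
                "port forward and any firewall in front of the server")
    if https == "refused":
        return ("443 refused: host reached but nothing listening, check that "
                "the SSL vhost loaded (sudo apachectl -t -D DUMP_VHOSTS)")
    if https == "timeout":
        return "443 unanswered and 80 not open either: check DNS, routing and firewalls"
    return "could not test 443: " + https


if __name__ == "__main__":
    # Hypothetical default; pass the real hostname as the first argument.
    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    http, https = probe(host, 80), probe(host, 443)
    print(f"80={http} 443={https}")
    print(diagnose(http, https))
```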