So close to getting my SSL to work - can someone please give some guidance?


So I am running CentOS 7.7, I am running Apache, and SQLite for my database… My domain is where I am using it just as a Nextcloud login for a few users. I am trying to create an SSL with Let’s Encrypt and I have the certificates created but for some reason am coming up against this error:

This site can’t provide a secure connection sent an invalid response.



I have a suspicion of what is going on - and it is that for some reason my web server is serving HTTP over 443 - but I can’t figure out how or where to change this.

So, some config files to give a bigger picture -

my apache nextcloud config file that is located in /etc/httpd/conf.d/nextcloud.conf:

<VirtualHost *:443>
ServerName
ServerAdmin
DocumentRoot /var/www/html/nextcloud
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
Alias /nextcloud "/var/www/html/nextcloud/"
RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.

# RewriteCond %{SERVER_NAME}
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/

One more odd behavior - if I go to I can get to the login screen - obviously unsecured using http - but any other combination, like or even won’t come back.

Please, anyone that can give me a hand with this I will be so grateful.



Hi @mitcHELLspawn

first, you have created some certificates -

| Issuer | not before | not after | Domain names | LE-Duplicate | next LE |
|---|---|---|---|---|---|
| Let’s Encrypt Authority X3 | 2019-12-01 | 2020-02-29 | - 1 entries | duplicate nr. 3 | |
| Let’s Encrypt Authority X3 | 2019-12-01 | 2020-02-29 | - 1 entries | duplicate nr. 2 | |
| Let’s Encrypt Authority X3 | 2019-11-29 | 2020-02-27 | - 1 entries | duplicate nr. 1 | |

So that part has worked.

Second: Your http works, your https not, instead, http + port 443 works.

Is your port forwarding correct?

Extern port 80 -> intern port 80
Extern port 443 -> intern port 443?

Third: Does your https work internally, from that machine?




What does this say:

apachectl -S

Hi there. first, thanks for helping.

Okay, so the output for the curl commands:

[root@localhost conf.d]# curl
301 Moved Permanently
Moved Permanently
The document has moved here.

[root@localhost conf.d]# curl
curl: (35) SSL received a record that exceeded the maximum permissible length.

[root@localhost conf.d]# curl
<!DOCTYPE html>

    <meta http-equiv="refresh" content="0; URL=index.php">

Output of apachectl -S -

[root@localhost conf.d]# apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server (/etc/httpd/conf.d/nc.conf:1)
port 80 namevhost (/etc/httpd/conf.d/nc.conf:1)
port 80 namevhost (/etc/httpd/conf.d/nextcloudmike.conf:1)
*:443 is a NameVirtualHost
default server (/etc/httpd/conf.d/nc.conf:14)
port 443 namevhost (/etc/httpd/conf.d/nc.conf:14)
port 443 namevhost (/etc/httpd/conf.d/nextcloud.conf:2)
port 443 namevhost (/etc/httpd/conf.d/nextcloudmike-le-ssl.conf:2)
port 443 namevhost (/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
PidFile: "/run/httpd/"
User: name="apache" id=48
Group: name=“apache” id=48


Wow I just realized with the apachectl -S

Those are all the wrong files ------ the port 80 namevhost should be /etc/httpd/conf.d/nextcloud.conf

also nc.conf should not be there

and for 443 namevhost nextcloudmike-le-ssl.conf should not be there either!

How can I make them all point at the correct nextcloud.conf ?


wrong. Every combination of port and domain name must be unique, you have three vHosts instead of one.

How did you create your certificate? With Certbot?

If yes, may be the easiest solution:

  • Make a backup
  • remove all three vHosts (a2dissite)
  • certbot --reinstall -i apache -d - certbot should find the certificate and should create a correct port 443 vHost

Or fix it manually, merge the three vHosts into one.
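
The uniqueness rule from the reply above can be checked mechanically. The following is an added example, not part of the original thread: a shell function that reads `apachectl -S` output and reports every port and server name pair claimed by more than one config file. The host names `cloud.example.com` and `localhost.localdomain` in the sample input are constructed placeholders, since the thread's own output has the names removed.

```shell
#!/usr/bin/env bash
# Added example: flag (port, ServerName) pairs that several files claim in
# `apachectl -S` output. Apache uses the first match in load order, so if
# that vhost has no SSL directives, port 443 answers with plain HTTP.

find_duplicate_vhosts() {
  awk '
    # Lines look like: port 443 namevhost cloud.example.com (/path/file.conf:2)
    $1 == "port" && $3 == "namevhost" {
      key = $2 " " $4                 # port + server name
      loc = $5
      gsub(/[()]/, "", loc)           # strip the parentheses around file:line
      if (!(key in count)) order[++n] = key
      count[key]++
      files[key] = files[key] (files[key] ? ", " : "") loc
    }
    END {
      for (i = 1; i <= n; i++) {
        k = order[i]
        if (count[k] > 1) printf "DUPLICATE %s -> %s\n", k, files[k]
      }
    }
  '
}

# Constructed sample input modelled on the output posted in the thread.
sample_apachectl_output() {
  cat <<'EOF'
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server cloud.example.com (/etc/httpd/conf.d/nc.conf:1)
         port 80 namevhost cloud.example.com (/etc/httpd/conf.d/nc.conf:1)
         port 80 namevhost cloud.example.com (/etc/httpd/conf.d/nextcloudmike.conf:1)
*:443                  is a NameVirtualHost
         default server cloud.example.com (/etc/httpd/conf.d/nc.conf:14)
         port 443 namevhost cloud.example.com (/etc/httpd/conf.d/nc.conf:14)
         port 443 namevhost cloud.example.com (/etc/httpd/conf.d/nextcloud.conf:2)
         port 443 namevhost cloud.example.com (/etc/httpd/conf.d/nextcloudmike-le-ssl.conf:2)
         port 443 namevhost localhost.localdomain (/etc/httpd/conf.d/ssl.conf:56)
EOF
}

sample_apachectl_output | find_duplicate_vhosts
```

On a live server, feed it the real output with `apachectl -S 2>/dev/null | find_duplicate_vhosts`; the first file listed for each duplicate is the one Apache actually serves.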


Oh my goodness! Thank you so so so much.

You are my savior sir! It works :) I had all those old misconfigured conf files in the conf.d folder and not realizing that Apache was seeing them as actual config files - I thought only nextcloud.conf was being picked up.

Once I removed all the extra conf files from the folder and reinstalled the cert it worked perfectly!!

Thanks again sir!

