SSL certificate issue

Hi! I have an SSL certificate issue with an AWS instance and a domain. I hope you would be able to help, and thanks in advance.

My domain is angelone.algomatixrt.com.

I created a separate instance in AWS Lightsail and set up the site by exporting it from angelbroking.algomatixrt.com and changed required parameters wrt angelone in the new instance. I created the SSL successfully for the new instance. All have gone perfect.

But, when I go to angelone.algomatixrt.com it says not secure, and in the certificate information it shows it is an untrusted certificate as it is in the name of example.com.

Any ideas how can I solve it?

Thanks!

1 Like

Yes, I see you have your new certs but your Apache server is using that example cert instead. You need to review your Apache config and make sure it is using your new cert.

6 Likes

Thanks MikeMcQ. Edited httpd-ssl.conf and httpd-vhosts.conf to point to new cert and the domain. Yet, the same issue persists. Anything else to do?

1 Like

Hmm. Let's look at your VirtualHosts. Please show result of this

```
sudo apachectl -t -D DUMP_VHOSTS
```

You may need to use apache2ctl or even httpd instead of apachectl

The page displayed is a welcome page saying "Congratulations You are now running LAMP packaged by Bitnami"

Is that what your site should be returning? If not, check that the DNS points to the correct IP.

4 Likes

DNS points to the correct IP. The page displayed should be the landing page of the domain (angelone.algomatixrt.com/index.php)

The command shows the below result:

```
bitnami@ip-172-26-5-24:/opt/bitnami/apache/conf/bitnami$ sudo apachectl -t -D DUMP_VHOSTS
AH00112: Warning: DocumentRoot [/opt/bitnami/apache2/htdocs/angelone.algomatixrt.com] does not exist
AH00112: Warning: DocumentRoot [/opt/bitnami/apache2/htdocs/angelone.algomatixrt.com] does not exist
VirtualHost configuration:
127.0.0.1:80 status.localhost (/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf:1)
*:80 is a NameVirtualHost
default server angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:23)
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:23)
alias www.angelone.algomatixrt.com
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:40)
alias www.angelone.algomatixrt.com
port 80 namevhost angleone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami.conf:6)
*:443 is a NameVirtualHost
default server www.angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-ssl.conf:121)
port 443 namevhost www.angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-ssl.conf:121)
port 443 namevhost angleone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf:15)
```

You have several problems with your Apache config. And, right now I cannot connect to any of them (I get an error saying 'connection refused'). We are not a general support forum for Apache. But, I'll give some guidance anyway.

You have multiple VirtualHost definitions for the same names. It even looks like you have two in the same conf file (httpd-vhosts.conf)

Your bitnami.conf is a 3rd VHost for angleone but does not have the www name as an alias like the others. Only you know how it should be but there must be only one VirtualHost for each name and usually angleone and its www would be in the same VirtualHost

While it is allowed to have a separate VirtualHost for each name that is not usually what people want. Make sure each of these conf use the correct cert files. You should probably combine these into one VirtualHost

After fixing the above issues if this error remains you should correct your DocumentRoot that causes this.

4 Likes

Thanks much MikeMcQ for the support, highly appreciated. Will check reviewing your recommendations and suggestions. Even as I do understand the limitations on support for Apache in the forum, I hope to resolve with your guidance. Thanks again.

2 Likes

I could set right the connection to angelone.algomatixrt.com, and changed the vhosts and configured the domain in bitnami and apache config to angelone.algomatixrt.com, and the listening port details. Yet, the certificate shows example.com. Where am I going wrong?

Most likely, somewhere within:

3 Likes

I have reviewed and changed the apache conf, and changed ServerName to angelone.algomatixrt.com:80 in httpd.conf, httpd-ssl.conf, and virtual hosts details, etc. I have the certs issued for my domain angelone.algomatixrt.com. However, when I try to open the url angelone.algomatixrt.com it says not secure, and the certificate applied is of CN=example.com. I don't get how this certificate is applied to my domain. How can I change this to the certificate of my domain?

Please show this again

3 Likes

Let's start with:

I'm 99.9% sure the problem is within:

Manually editing the Apache configuration.

3 Likes

Here's the output. Static IP of the instance is: 52.220.139.108, and the private IP: 172.26.5.24.

```
bitnami@ip-172-26-5-24:~$ sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
52.220.139.108:80 status.localhost (/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf:1)
*:80 is a NameVirtualHost
default server angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:24)
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:24)
alias www.angelone.algomatixrt.com
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami.conf:6)
alias www.angelone.algomatixrt.com
*:443 angleone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf:15)
```

A name:port overlap still exists.
Two files are using the same ServerNames and port:

And the secure file is only using one of the two names [no alias]:

3 Likes
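
The two findings in the replies above (the same name and port defined in more than one place, and a secure vhost that covers only one of the names) can be checked mechanically from the `DUMP_VHOSTS` output. The script below is an added example, not part of any post in this thread; `parse_vhosts` and `audit` are hypothetical helper names, and the embedded sample is the output posted just above.

```python
import difflib
import re
from collections import defaultdict

# Second DUMP_VHOSTS output from the thread, copied verbatim.
DUMP = """\
VirtualHost configuration:
52.220.139.108:80 status.localhost (/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf:1)
*:80 is a NameVirtualHost
default server angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:24)
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:24)
alias www.angelone.algomatixrt.com
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami.conf:6)
alias www.angelone.algomatixrt.com
*:443 angleone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf:15)
"""

# "port N namevhost NAME (file:line)" or the single-vhost form "ADDR:N NAME (file:line)".
VHOST = re.compile(r"^(?:port (\d+) namevhost|\S+:(\d+)) (\S+) \((.+):(\d+)\)$")
ALIAS = re.compile(r"^alias (\S+)$")

def parse_vhosts(text):
    """Map (port, name) -> list of 'file:line' definitions, aliases included."""
    names, current = defaultdict(list), None
    for line in map(str.strip, text.splitlines()):
        if m := VHOST.match(line):  # "default server" lines repeat a namevhost; skipped
            port = int(m.group(1) or m.group(2))
            current = (port, f"{m.group(4)}:{m.group(5)}")
            names[(port, m.group(3))].append(current[1])
        elif (a := ALIAS.match(line)) and current:
            names[(current[0], a.group(1))].append(current[1])
    return dict(names)

def audit(names, http=80, tls=443, ignore=("status.localhost",)):
    """Return (overlaps, uncovered); uncovered maps HTTP-only names to the closest TLS name."""
    overlaps = {k: v for k, v in names.items() if len(set(v)) > 1}
    tls_names = sorted(n for p, n in names if p == tls)
    uncovered = {}
    for port, name in names:
        if port == http and name not in tls_names and name not in ignore:
            # A near-identical TLS name usually means a ServerName typo.
            uncovered[name] = next(iter(difflib.get_close_matches(name, tls_names, 1, 0.9)), None)
    return overlaps, uncovered

if __name__ == "__main__":
    overlaps, uncovered = audit(parse_vhosts(DUMP))
    for (port, name), defs in overlaps.items():
        print(f"overlap: {name}:{port} defined at {', '.join(defs)}")
    for name, near in uncovered.items():
        print(f"no TLS vhost: {name} (closest TLS name: {near})")
```

On a live server, replace `DUMP` with the captured output of `sudo apachectl -t -D DUMP_VHOSTS`.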

I went by the recommended setup and edited the config files to include the domain name angelone.algomatixrt.com.
There is just a single entry for the port 80 and 443, and included ServerAlias in httpd-vhosts.conf for www.angelone.algomatixrt.com

```
VirtualHost configuration:
127.0.0.1:80 status.localhost (/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf:1)
*:80 is a NameVirtualHost
default server angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:23)
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/extra/httpd-vhosts.conf:23)
port 80 namevhost angelone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami.conf:6)
*:443 angelone.algomatixrt.com (/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf:15)
```

Please show the contents of this file. Please also add three backticks before and after so we see all the tags like:
```
contents
```

3 Likes

Below is the contents of the file /opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf

```
# Default SSL Virtual Host configuration.

<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>

Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog  builtin
SSLSessionCache "shmcb:/opt/bitnami/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

<VirtualHost _default_:443>
  DocumentRoot "/opt/bitnami/apache/htdocs"
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache/conf/bitnami/certs/server.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache/conf/bitnami/certs/server.key"

  <Directory "/opt/bitnami/apache/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>

  # Error Documents
  ErrorDocument 503 /503.html
</VirtualHost>
```

Can you paste the value of that file here. Do NOT post the other "key" file - just this one.

3 Likes

Trying to upload the file, but getting the message: "Sorry, the file you are trying to upload is not authorized (authorized extensions: jpg, jpeg, png, gif, go, js, txt, pcap, pcapng, pem)."

1 Like