Ssl doesnot work

Hi everone
I have Ubuntu 16 with apache2 server and hosting sites. I try to secure my site using certbot, and it show me succesul. but when i browse my site, site are not hosting.
My domain is: siwiappv1.websearchpro.net

I ran this command:
sudo certbot --apache -d siwiappv1.websearchpro.net

and i also selete redirect (2) option for it.

It produced this output:

My web server is (include version):
.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName siwiappv1.websearchpro.net
ServerAlias siwiappv1.websearchpro.net
DocumentRoot /var/www/html/demo/dev.websearchpro.net/siwiapp
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/dev.websearchpro.net/siwiapp>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

RewriteEngine on
RewriteCond %{SERVER_NAME} =app.quotationmaker.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

and in -le-ssl.conf

<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName siwiappv1.websearchpro.net
ServerAlias siwiappv1.websearchpro.net
DocumentRoot /var/www/html/demo/dev.websearchpro.net/siwiapp
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/dev.websearchpro.net/siwiapp>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

SSLCertificateFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

my certbot version is 0.32.0

any idea?

Hi @bikra6275

checking your domain via https://check-your-website.server-daten.de/?q=siwiappv1.websearchpro.net

You have created a certificate, so that part works:

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2020-03-18 2020-06-16 siwiappv1.websearchpro.net - 1 entries duplicate nr. 1

But your port 443 is a http port -> Grade Q.

That’s

duplicated, remove the ServerAlias row.

Looks like you have created your port 443 manual. Disable your port 443, try

certbot -d siwiappv1.websearchpro.net --reinstall -i apache

Letsencrypt should find the certificate and should create a correct https port.

Read

Additionally, your port 443 is speaking http… Not sure how the whole setup worked here.:joy:

This works: http://siwiappv1.websearchpro.net:443/
This doesn’t: https://siwiappv1.websearchpro.net/

This basically means your port 443 Apache virtualhost are messed up… You might have other references of port 443 speaking http (instead of https)

Edit: Sorry, wrong topic.

Hi

I tried you instruction, and i chose 1 option after running certbot -d siwiappv1.websearchpro.net --reinstall -i apache
but, it doesnot redirect to https, site open to http… and in https it doesnot host.

Hi there, what should i change to run this website in https. i tried so many thing.

Hi there,
ok then how can i change this port in ubuntu.

What’s the output of apache2ctl -S?

Your result says: You didn’t.

Hi there,
In instrution “Looks like you have created your port 443 manual. Disable your port 443,”
from where i can disable it, port.conf or where,

it gives me
apachectl -S

AH00112: Warning: DocumentRoot [/var/www/html/demo/dev.websearchpro.net/naringslivshistoriamultidomain] does not exist
AH00112: Warning: DocumentRoot [/var/www/html/demo/stilguiden] does not exist
AH00112: Warning: DocumentRoot [/var/www/html/demo/handinhand3] does not exist
AH00112: Warning: DocumentRoot [/var/www/html/demo/dev.websearchpro.net/naringslivshistoriamultidomain] does not exist
AH00112: Warning: DocumentRoot [/var/www/html/demo/quotation] does not exist
[Wed Mar 18 09:29:54.606741 2020] [alias:warn] [pid 3467] AH00671: The Alias directive in /etc/phpmyadmin/apache.conf at line 3 will probably never match because it overlaps an earlier Alias.
VirtualHost configuration:
*:443 is a NameVirtualHost
default server apidev.gharbanau.com (/etc/apache2/sites-enabled/apidev.gharbanau.com-le-ssl.conf:2)
port 443 namevhost apidev.gharbanau.com (/etc/apache2/sites-enabled/apidev.gharbanau.com-le-ssl.conf:2)
port 443 namevhost app.quotationmaker.com (/etc/apache2/sites-enabled/app.quotationmaker.com-le-ssl.conf:2)
port 443 namevhost cdn.gharbanau.com (/etc/apache2/sites-enabled/cdn.gharbanau.com-le-ssl.conf:2)
*:80 is a NameVirtualHost
default server 109-74-4-178-static.glesys.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost 109-74-4-178-static.glesys.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost api.gharbanau.com (/etc/apache2/sites-enabled/api.gharbanau.com.conf:1)
port 80 namevhost apidev.gharbanau.com (/etc/apache2/sites-enabled/apidev.gharbanau.com.conf:1)
port 80 namevhost app.quotationmaker.com (/etc/apache2/sites-enabled/app.quotationmaker.com-le-ssl.conf:20)
port 80 namevhost app.quotationmaker.com (/etc/apache2/sites-enabled/app.quotationmaker.com-le-ssl.conf:41)
port 80 namevhost app.quotationmaker.com (/etc/apache2/sites-enabled/app.quotationmaker.com.conf:1)
port 80 namevhost bipdk.websearchpro.net (/etc/apache2/sites-enabled/bipdk.websearchpro.net.conf:1)
port 80 namevhost bipdknew.websearchpro.net (/etc/apache2/sites-enabled/bipdknew.websearchpro.net.conf:1)
port 80 namevhost bizstories.websearchpro.net (/etc/apache2/sites-enabled/bizstories.websearchpro.net.conf:1)
port 80 namevhost buildupnepal.websearchpro.net (/etc/apache2/sites-enabled/buildupnepal.websearchpro.net.conf:1)
port 80 namevhost bunapp.websearchpro.net (/etc/apache2/sites-enabled/bunapp.websearchpro.net.conf:1)
port 80 namevhost cdn.gharbanau.com (/etc/apache2/sites-enabled/cdn.gharbanau.com.conf:1)
port 80 namevhost dev.gharbanau.com (/etc/apache2/sites-enabled/dev.gharbanau.com.conf:1)
port 80 namevhost dev.websearchpro.net (/etc/apache2/sites-enabled/dev.websearchpro.net.conf:1)
port 80 namevhost devcdn.gharbanau.com (/etc/apache2/sites-enabled/devcdn.gharbanau.com.conf:1)
port 80 namevhost ed.websearchpro.net (/etc/apache2/sites-enabled/ed.websearchpro.net.conf:1)
port 80 namevhost farghuset.stilspelet.se (/etc/apache2/sites-enabled/farghuset.stilspelet.se.conf:1)
alias kungsgatan69.stilspelet.se
alias halmstadsfarghus.stilspelet.se
port 80 namevhost fd.websearchpro.net (/etc/apache2/sites-enabled/fd.websearchpro.net.conf:1)
port 80 namevhost www.gharbanau.com (/etc/apache2/sites-enabled/gharbanau.com.conf:1)
port 80 namevhost gitlab.websearchpro.net (/etc/apache2/sites-enabled/gitlab.conf:1)
port 80 namevhost handinhand3.websearchpro.net (/etc/apache2/sites-enabled/handinhand3.websearchpro.net.conf:1)
port 80 namevhost intranet.worldlit.se (/etc/apache2/sites-enabled/intranet.worldlit.se.conf:1)
port 80 namevhost jambono.websearchpro.net (/etc/apache2/sites-enabled/jambono.websearchpro.net.conf:1)
port 80 namevhost jamboopt.websearchpro.net (/etc/apache2/sites-enabled/jamboopt.websearchpro.net.conf:1)
port 80 namevhost jambosv.websearchpro.net (/etc/apache2/sites-enabled/jambosv.websearchpro.net.conf:1)
port 80 namevhost livetemase.websearchpro.net (/etc/apache2/sites-enabled/livetemase.websearchpro.net.conf:1)
alias livetemano.websearchpro.net
alias livetemada.websearchpro.net
alias livetemafi.websearchpro.net
port 80 namevhost medveten.websearchpro.net (/etc/apache2/sites-enabled/medveten.websearchpro.net.conf:1)
port 80 namevhost metronome.websearchpro.net (/etc/apache2/sites-enabled/metronome.websearchpro.net.conf:1)
port 80 namevhost naringslivshistoria.websearchpro.net (/etc/apache2/sites-enabled/naringslivshistoria.websearchpro.net.conf:1)
port 80 namevhost nod.websearchpro.net (/etc/apache2/sites-enabled/nod.websearchpro.net.conf:1)
port 80 namevhost nodsystem.websearchpro.net (/etc/apache2/sites-enabled/nodsystem.websearchpro.net.conf:1)
port 80 namevhost quotation.websearchpro.net (/etc/apache2/sites-enabled/quotation.websearchpro.net.conf:1)
port 80 namevhost quotationmaker.com (/etc/apache2/sites-enabled/quotationmaker.com.conf:1)
alias www.quotationmaker.com
port 80 namevhost siwiappv1.websearchpro.net (/etc/apache2/sites-enabled/siwiappv1.websearchpro.net-le-ssl.conf:2)
port 80 namevhost siwiappv1.websearchpro.net (/etc/apache2/sites-enabled/siwiappv1.websearchpro.net.conf:1)
port 80 namevhost siwinew.websearchpro.net (/etc/apache2/sites-enabled/siwinew.websearchpro.net.conf:1)
alias www.siwinew.websearchpro.net
port 80 namevhost siwitestapp.websearchpro.net (/etc/apache2/sites-enabled/siwitestapp.websearchpro.net.conf:1)
port 80 namevhost smart.websearchpro.net (/etc/apache2/sites-enabled/smart.websearchpro.net.conf:1)
alias www.smart.websearchpro.net
port 80 namevhost svjambo.websearchpro.net (/etc/apache2/sites-enabled/svjambo.websearchpro.net.conf:1)
port 80 namevhost temase.websearchpro.net (/etc/apache2/sites-enabled/temase.websearchpro.net.conf:1)
alias temano.websearchpro.net
alias temafi.websearchpro.net
alias temada.websearchpro.net
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33 not_used
Group: name=“www-data” id=33 not_used

Please share us the content of two files:
/etc/apache2/sites-enabled/siwiappv1.websearchpro.net-le-ssl.conf
/etc/apache2/sites-enabled/siwiappv1.websearchpro.net.conf

The issue appears to be in the first file, but just to be sure …

○ → cat siwiappv1.websearchpro.net.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName siwiappv1.websearchpro.net
DocumentRoot /var/www/html/demo/dev.websearchpro.net/siwiapp
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/dev.websearchpro.net/siwiapp>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

RewriteEngine on
RewriteCond %{SERVER_NAME} =siwiappv1.websearchpro.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

2020-03-18 09:33:45 ☆ dev in /etc/apache2/sites-enabled
○ → cat siwiappv1.websearchpro.net-le-ssl.conf

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName siwiappv1.websearchpro.net
DocumentRoot /var/www/html/demo/dev.websearchpro.net/siwiapp
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/dev.websearchpro.net/siwiapp>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

SSLCertificateFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

Try to change the line <VirtualHost *:80> in this file from 80 to 443, then restart your Apache server.

I did, but it doesnot redirect to https, it open in http.

2020-03-18 09:37:13 ☆ dev in /etc/apache2/sites-enabled
○ → cat siwiappv1.websearchpro.net-le-ssl.conf

<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName siwiappv1.websearchpro.net
DocumentRoot /var/www/html/demo/dev.websearchpro.net/siwiapp
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/dev.websearchpro.net/siwiapp>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

SSLCertificateFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/siwiappv1.websearchpro.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

Can you share the content of this file?
/etc/apache2/sites-enabled/apidev.gharbanau.com-le-ssl.conf

Your whole Apache server is serving http on https port 443…

That’s a great mess.

Every combination of port and domain name must be unique. There are a lot of duplicated entries.

So it’s impossible that Certbot understand your config.

Please run systemctl restart apache2 to restart your web server.
Then apache2ctl -S again.

In my Ubuntu server,
I am not able to host site in https i donot know what is i am missing or mis-configure, but site can host only in http.
in apidev.gharbanau.com-le-ssl.conf

<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName apidev.gharbanau.com
#ServerName www.apidev.gharbanau.com
DocumentRoot /var/www/html/demo/DevNirmanSamagriAPI
ErrorLog {APACHE_LOG_DIR}/error.log CustomLog {APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/demo/DevNirmanSamagriAPI>
Options FollowSymLinks
AllowOverride All
Require all granted

    </Directory>

#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.gharbanau.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
#SSLCertificateFile /etc/letsencrypt/live/apidev.gharbanau.com/fullchain.pem
#SSLCertificateKeyFile /etc/letsencrypt/live/apidev.gharbanau.com/privkey.pem
#Include /etc/letsencrypt/options-ssl-apache.conf

but this site apidev.gharbanau.com-le-ssl.conf is not hosting from this server.