SSL Not Working on Ubuntu 14.04


#1

I installed the certificate to my domain and it went success. Even I can verify the certificate on SSL Labs but in browser it shows No Secure connection.

My domain is torqcart.net

Can anyone help please?


#2

It looks as if you are using http on port 443, not https

How have you configured your apache for https ? can you paste the config ?


#3

That’s fine now.

The problem what I’m seeing now, is: HTTPS redirects to HTTP… Usually it’s the other way around :stuck_out_tongue_winking_eye:


#4

It’s got the right, valid. cert though :slight_smile:


#5
`<IfModule mod_ssl.c>

<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName torqcart.net

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/torqcart

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

SSLCertificateFile /etc/letsencrypt/live/torqcart.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/torqcart.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName torqcart.net
SSLCertificateChainFile /etc/letsencrypt/live/torqcart.net/chain.pem

I have given above two references. Screenshot consist of non-ssl conf file and the code pasted is of ssl generated by letsencrypt.

`


#6

At the end of your SSL config, do you have a rewrite rule ? you haven’t pasted that far, but I’m guessing there is a rewrite there to http, which should be removed.


#7

No.

Below is the remaining code which wasn’t pasted.

vim: syntax=apache ts=4 sw=4 sts=4 sr noet


#8

OK, do you have a rewrite in your .htaccess ? if not, what rewrites do you have elsewhere in your apache configs ?


#9

I have found the .htaccess under my application which is reqwriting the rule. After blocking it certificate started working. Can you please https://torqcart.net at your end if it shows the secure mode?


#10

Yes, that cert is working fine :slight_smile: :+1:

as a note, it doesn’t work for www.torqcart.net (which you may want for anyone who adds the www)


#11

I would need the guidelines to add www. Can you help?


#12

How did you create the original cert ? with certbot ? or some other client ? What specific command did you use ?


#13

I used the certbot to create the original cert.


#14

I don’t know what method you used ( webroot ? certonly ? auto ? ) so can’t really tell you how to modify the command.


#15

Hi

I have used the Auto method.


#16

You still haven’t provided the specific command you used.

Generally just adding “–expand -d torqcart.net,www.torqcart.net” onto the command you used originally should work.


#17

Thanks for helping It worked!


#18

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.