SSL on Ubuntu 16.04 with apache and varnish

Help
101

If you hit the 25 limit (Again)
Click on my name and choose the" message" option (for direct message)

102

No I mean the whole work that needs to be done. I donā€™t touch vim, all my stuff is done via nano.

Man I am still missing some stuff, but I canā€™t be bothering you. I mean you already shown me some stuff and helped me along the line.

Proxypass returned an error on apache. So I tried to see the apache modules I was using by giving apache2ctl -M to see if mod_ssl and mod_proxy was enabled.

And then this happened:

SSLCertificateFile: file '/etc/letsencrypt/live/leptokaropoulos.gr/fullchain.pem' does not exist or is empty

EDIT:

I will be troubleshooting this stuff for now and see where I am at. I am super thankfull for your help. You are what makes open source and its community so admirable and loveable. This is the only way forward!

If I have another problem I will be posting again in a new thread.

Thanks for all the help mang. Hope to see you around.

You have twitter btw?

1 Like
103

That sounds like a permissions problem.
ls -l /etc/letsencrypt/live/leptokaropoulos.gr/

1 Like
104

I only use twitter for ā€œbusinessā€.

Best of luck to you :slight_smile:

1 Like
105

Should I be free with permissions on such files?

/etc/letsencrypt/live/leptokaropoulos.gr/
ls: cannot access '/etc/letsencrypt/live/leptokaropoulos.gr/': Permission denied

I wasn't going to bother you with questions. Just to follow :slight_smile:

106

"Yes", apache should be able to read that directory.
It must, to be able to use the cert.

Don't look it down so tight that no one can use it - LOL

1 Like
107

Again thank you very much. I think proxy is also enabled and LE also enabled. Fingers crossed!

The next thing I will be troubleshooting is why my certificate isnā€™t trusted on the browser.

Thank you man. See you around I guess! Much love

108

I have a few more minutes before I have to go...
Try:

I will be keeping that thought in my head for the rest of the day - thank you for that :slight_smile:

1 Like
109

You need to set the cipher preference order:
https://www.ssllabs.com/ssltest/analyze.html?d=leptokaropoulos.gr
Use:
SSLHonorCipherOrder On

It should be included in:
/etc/apache2/conf-available/other-vhosts-access-log.conf

Show:
ls -l /etc/apache2/conf-enabled
and
cat /etc/apache2/conf-available/other-vhosts-access-log.conf

1 Like
110

I did it. However still not secure. But those sites have instructions that I will follow. Again thank you for everything, man. You helped a fellow human today and you should be proud for it. Thank you friend! :slight_smile: See ya!

111

Peace out!

Stay dangerous.

112

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.