That's the correct result. Two certificates provided: your leaf certificate and R3 signed by ISRG Root X1.
So sometimes the redirect doesn't happen?
The address works half the time, but always redirects to https://
https:// work always
Please show:
ps -ef | grep -i apache | grep -v grep
root@Concretise:/etc/letsencrypt/live/concretise.ca# ps -ef | grep -i apache | grep -v grep
root 22617 1 0 19:09 ? 00:00:03 /usr/sbin/apache2 -k start
www-data 49903 22617 1 19:49 ? 00:00:06 /usr/sbin/apache2 -k start
www-data 49908 22617 2 19:49 ? 00:00:08 /usr/sbin/apache2 -k start
www-data 49912 22617 2 19:49 ? 00:00:10 /usr/sbin/apache2 -k start
www-data 49914 22617 0 19:49 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 49917 22617 1 19:49 ? 00:00:05 /usr/sbin/apache2 -k start
www-data 49923 22617 1 19:50 ? 00:00:03 /usr/sbin/apache2 -k start
www-data 49927 22617 1 19:50 ? 00:00:03 /usr/sbin/apache2 -k start
www-data 49934 22617 3 19:52 ? 00:00:06 /usr/sbin/apache2 -k start
www-data 49939 22617 1 19:52 ? 00:00:03 /usr/sbin/apache2 -k start
mmmm.... normal?
Yes, that looks normal.
Please show:
apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:443 is a NameVirtualHost
default server 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:2)
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:2)
alias www.concretise.ca
alias concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:22)
alias concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord-le-ssl.conf:2)
alias discord.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy-le-ssl.conf:2)
alias www.intensy.org
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise-le-ssl.conf:2)
alias je.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:2)
alias mokatkreation.tk
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:28)
alias www.mokatkreation.tk
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:77)
alias www.mokatkreation.tk
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay-le-ssl.conf:2)
alias pixabay.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail-le-ssl.conf:2)
alias webmail.concretise.ca
*:80 is a NameVirtualHost
default server 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:41)
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:41)
alias concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:1)
alias www.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:18)
alias concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord-le-ssl.conf:26)
alias discord.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord.conf:1)
alias discord.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy-le-ssl.conf:27)
alias www.intensy.org
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy.conf:1)
alias www.intensy.org
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise-le-ssl.conf:20)
alias je.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise.conf:1)
alias je.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:54)
alias mokatkreation.tk
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation.conf:1)
alias www.mokatkreation.tk
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation.conf:18)
alias mokatkreation.tk
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay-le-ssl.conf:26)
alias pixabay.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay.conf:1)
alias pixabay.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail-le-ssl.conf:26)
alias webmail.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail.conf:1)
alias webmail.concretise.ca
ok I understand why..
You have nine name:port
overlaps.
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:2)
alias www.concretise.ca
alias concretise.ca <<<<<
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:22)
alias concretise.ca <<<<<
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:28)
alias www.mokatkreation.tk <<<<<
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:77)
alias www.mokatkreation.tk <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:41)
alias concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:18)
alias concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord-le-ssl.conf:26)
alias discord.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord.conf:1)
alias discord.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy-le-ssl.conf:27)
alias www.intensy.org <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy.conf:1)
alias www.intensy.org <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise-le-ssl.conf:20)
alias je.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise.conf:1)
alias je.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:54)
alias mokatkreation.tk <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation.conf:18)
alias mokatkreation.tk <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay-le-ssl.conf:26)
alias pixabay.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay.conf:1)
alias pixabay.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail-le-ssl.conf:26)
alias webmail.concretise.ca <<<<<
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail.conf:1)
alias webmail.concretise.ca <<<<<
And you are using the IP as the name on every server block.
I don't know why but letsencrypt have copied a *:80 in ssl.conf of each vhost
I modify and try in 5 minutes..
Likely has to do with the use of the name only as an alias.
VirtualHost configuration:
*:443 is a NameVirtualHost
default server 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:2)
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:2)
alias www.concretise.ca
alias concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise-le-ssl.conf:22)
alias concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord-le-ssl.conf:2)
alias discord.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy-le-ssl.conf:2)
alias www.intensy.org
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise-le-ssl.conf:2)
alias je.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:2)
alias mokatkreation.tk
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation-le-ssl.conf:28)
alias www.mokatkreation.tk
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay-le-ssl.conf:2)
alias pixabay.concretise.ca
port 443 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail-le-ssl.conf:2)
alias webmail.concretise.ca
*:80 is a NameVirtualHost
default server 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:1)
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:1)
alias www.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/concretise.conf:18)
alias concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/discord.conf:1)
alias discord.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/intensy.conf:1)
alias www.intensy.org
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/jeconcretise.conf:1)
alias je.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation.conf:1)
alias www.mokatkreation.tk
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/mokatkreation.conf:18)
alias mokatkreation.tk
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/pixabay.conf:1)
alias pixabay.concretise.ca
port 80 namevhost 168.235.68.182 (/etc/apache2/sites-enabled/webmail.conf:1)
alias webmail.concretise.ca
Look better...
<VirtualHost *:80>
ServerName 168.235.68.182
ServerAlias webmail.concretise.ca
is it wrong?
Yes that's "wrong".
An IP is NOT a name.
And you use that "name" in every server block.
my last config was
<VirtualHost *:80>
ServerName concretise.ca
ServerAlias concretise.ca
but apache service let me know the servername wasn't correct
Why would you alias the same exact name?
[an alias is like a secondary name]
Most people would do something like:
ServerName concretise.ca
ServerAlias www.concretise.ca
Ok it changed on each...
I can "review" it, if you post it.