SSLCertificateFile: file '/private/etc/apache2/server.crt' does not exist or is empty

#21

Remove your redirect http -> https (add #), then check, if port 80 works.

#22

…back, no change, fyi

127.0.0.1 shows "It works" [default apache page]
localhost refuses to connect

fyi, here is hosts file

127.0.0.1	localhost
255.255.255.255	broadcasthost
::1             localhost 

127.0.0.1 collisdesign.com.au
127.0.0.1 www.collisdesign.com.au

…oh just seen your last reply re redirect - can I simply change “RewriteEngine” to “off” in httpd-vhosts.conf?

#23

…took a punt

http://www.collisdesign.com.au

WORKS - yay [shows my “Hello World” page]

http://collisdesign.com.au
https://collisdesign.com.au

bother refuse to connect…

#24

httpd.conf has…

#MYADD
ServerName www.collisdesign.com.au

and httpd-vhosts-le-ssl.conf has

<VirtualHost *:443>
    ...
   RewriteEngine on
#25

the above was only browser cache - this also does not connect

#26

No.

Add # in that and the next three rows.

Or remove your port 443 vHost complete, so you have only a http vHost.

Check /sites-enabled to remove the symbolic link.

#27

…OK did that in vhosts - no change THEN added the 3 #'s [to keep track of my edits] in httpd.conf to get “http” working [code snippet line2 and last]

# Secure (SSL/TLS) connections
###Include /private/etc/apache2/extra/httpd-ssl.conf
#
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Include /private/etc/apache2/other/*.conf


###Include /private/etc/apache2/extra/httpd-vhosts-le-ssl.conf
#28

Yep, now your http version works.

My First Heading

My first paragraph.

#29

…can I assume issue is in httpd-ssl.conf and/or httpd-vhosts-le-ssl.conf - therefore what’s next to do/try/edit?

#30

Oh: Why do you have two files? Perhaps that’s the problem.

Every combination of port and ServerName must be unique.

#31

good question - as part of fumbling my way thru initial setup, code snippet line 2 was UNcommented by me, last line was added by certbot install - SO… shall I uncomment last line and see what happens?

###Include /private/etc/apache2/extra/httpd-vhosts-le-ssl.conf
#32

OK, took the punt - nothing - then comparing these 2 files - noticed in “le-ssl” had no “Listen 443” - SO added - AND YAHOO - ALL WORKING - “Green A” in SSL Labs

Juergen THANK YOU for your assistance AND patience and as I write this you should be hopefully asleep - you are a SCHOLAR and a GENTLEMAN

In summary has been an intense 24hr learning curve setting up Apache/Virtual Hosts/SSL, so therefore the better for it, hopefully! If any other “newbie” can make use of this thread, then great.

regards, Col

1 Like
#33

Yep, now you have a new certificate.

CN=collisdesign.com.au
	20.03.2019
	18.06.2019
expires in 90 days	collisdesign.com.au, www.collisdesign.com.au - 2 entries

And a Grade C

Domainname Http-Status redirect Sec. G
http://collisdesign.com.au/
203.206.176.184 301 https://collisdesign.com.au/ 0.663 A
http://www.collisdesign.com.au/
203.206.176.184 301 https://www.collisdesign.com.au/ 0.660 A
https://collisdesign.com.au/
203.206.176.184 200 3.586 B
https://www.collisdesign.com.au/
203.206.176.184 200 3.346 B

Two https versions.

closed #34

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.