Show the one that breaks things.
Maybe we can all learn something from it…
Yep, not quite sure what is wrong in it yet; other than the fact that the certs are commented out...
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName anotherrandomsite.com
ServerAlias www.anotherrandomsite.com
<Directory /var/www/anotherrandomsite.com>
Options Indexes FollowSymLinks MultiViews
AllowOverride FileInfo
Order allow,deny
allow from all
</Directory>
DocumentRoot /var/www/anotherrandomsite.com
ErrorLog /var/www/apache2/.log/error.log
CustomLog /var/www/apache2/.log/access.log combined
#Include /etc/letsencrypt/options-ssl-apache.conf
#SSLCertificateFile /etc/letsencrypt/live/anotherrandomsite.com/fullchain.pem
#SSLCertificateKeyFile /etc/letsencrypt/live/anotherrandomsite.com/privkey.pem
</VirtualHost>
</IfModule>
Glad to see you found the problem.
I can’t see how this would break Apache in the way it broke another vhost.
What command did you use to stop/start/restart Apache?
I tried a bunch:
sudo service apache2 restart
sudo service apache2 stop
sudo service apache2 start
sudo service apache2 reload
sudo service apache2 graceful
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start
sudo /etc/init.d/apache2 reload
sudo /etc/init.d/apache2 graceful
I even rebooted the server completely from the EC2 console
Consider that you are telling Apache two contradictory things:
- Here's a VirtualHost on port 443 that does not have HTTPS enabled (because you commented out the inclusion of
options-ssl-apache.conf
) - Then, you have a bunch of VirtualHosts on port 443 that DO have HTTPS enabled.
One port in Apache can't mux for two separate protocols (HTTP and HTTPS). So Apache has to resolve the situation by choosing one or the other.
Perhaps Apache decided "welp, gonna go with HTTP" which acts to disable HTTPS for all port 443 VirtualHosts.
Edit: ideally Apache should refuse to start when it encounters configurations like this that make no sense, but unfortunately it accepts a wide range of nonsense configs that confuse users at runtime (duplicate ServerNames are another common one).
Thanks for the explanation - that makes sense. It should at least throw a warning when I do apachectl -t
. Oh well. Thanks again for your help!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.