<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot ****
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# <LocationMatch "^/(?!\.well-known)">
#send all other requests to HTTPS
# RewriteEngine On
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{HTTPS} !=on
# RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
# </LocationMatch>
# RewriteCond %{SERVER_NAME} =infinity-computer-systems.com
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ServerName infinity-computer-systems.com
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias marref.org
SSLCertificateFile /etc/letsencrypt/live/marref.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/marref.org/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot ****
ServerName marref.org
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<LocationMatch "^/(?!\.well-known)">
#send all other requests to HTTPS
RewriteEngine On
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{HTTPS} !=on
# RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
</LocationMatch>
# RewriteCond %{SERVER_NAME} =marref.org
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</IfModule>
Having these two lines in the same file created that problem:
They now have separate certs, so they need separate vhost config (in order to point each name to its' matching cert).
OR
If they really do the same thing and can be combined into one DocumentRoot, one site, one cert...
Then all we need to do is put both domain names onto one single cert.
We can do that with: sudo certbot --apache -d "infinity-computer-systems.com,marref.org" --dry-run
[always first use --dry-run - while testing]
If the sites do different things and can't be combined, then they need separate DocumentRoots, separate vhost configs, and separate certs.
$ sudo certbot --apache -d "infinity-computer-systems.com,marref.org"
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/infinity-computer-systems.com.conf)
It contains these names: infinity-computer-systems.com
You requested these names for the new certificate:
infinity-computer-systems.com, marref.org.
Do you want to expand and replace this existing certificate with the new
certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(E)xpand/(C)ancel: E
Renewing an existing certificate for infinity-computer-systems.com and marref.org
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/infinity-computer-systems.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/infinity-computer-systems.com/privkey.pem
This certificate expires on 2021-11-24.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for infinity-computer-systems.com to /etc/apache2/sites-enabled/000-default-le-ss
l.conf
Successfully deployed certificate for marref.org to /etc/apache2/sites-enabled/000-default-le-ssl.conf
Failed redirect for infinity-computer-systems.com
Unable to set the redirect enhancement for infinity-computer-systems.com.
NEXT STEPS:
- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, tr
y installing it again by running:
certbot install --cert-name infinity-computer-systems.com
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration
does not support automated redirection
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/let
sencrypt.log or re-run Certbot with -v for more details.
$ cat /etc/apache2/sites-enabled/000-default-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot ****
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# <LocationMatch "^/(?!\.well-known)">
#send all other requests to HTTPS
# RewriteEngine On
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{HTTPS} !=on
# RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
# </LocationMatch>
# RewriteCond %{SERVER_NAME} =infinity-computer-systems.com
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ServerName infinity-computer-systems.com
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias marref.org
SSLCertificateFile /etc/letsencrypt/live/infinity-computer-systems.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/infinity-computer-systems.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot ****
ServerName marref.org
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<LocationMatch "^/(?!\.well-known)">
#send all other requests to HTTPS
RewriteEngine On
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{HTTPS} !=on
# RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
</LocationMatch>
# RewriteCond %{SERVER_NAME} =marref.org
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
</IfModule>
When you do go to add another site, keep that in mind.
If it needs to be served from a different document root, then it will need a separate vhost config (and that may require using a separate cert).
