I would not just assume anything.
Compare them against each other.
See what they are trying to do and pick (or merge them if needed into just) one file.
so line 56 in conf.d/ssl.conf is
<VirtualHost _default_:443>
to me that’s fine, right?
i’m just noticing now that the conf.d/ssl.conf is listed twice there… in your initial “boom found it” post
It uses the system name - so, no, not exactly best practice (for me at least).
You may need to find, and change, the “ServerName” in the main http.conf file to indirectly change it there.
Yeah - good eye!
So it’s actually just two files - that are in conflict (not three)
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName server.eyethrees.net
DocumentRoot "/var/www/html/server.eyethrees.net"
<Directory "/var/www/html/server.eyethrees.net">
allow from all
Options None
Require all granted
</Directory>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.server.eyethrees\.net$ [NC]
RewriteRule ^(.*)$ http://server.eyethrees.net$1 [R=301,L]
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
# RewriteCond %{SERVER_NAME} =www.servwer.eyethrees.net [OR]
# RewriteCond %{SERVER_NAME} =server.eyethrees.net
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/server.eyethrees.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.eyethrees.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server.eyethrees.net/chain.pem
</VirtualHost>
</IfModule>
this is the relevant section from httpd-le-ssl.conf
see anything here?
comparing to the main domain’s section from the same file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName eyethrees.net
ServerAlias www.eyethrees.net
DocumentRoot "/var/www/html/eyethrees.net"
<Directory "/var/www/html/eyethrees.net">
allow from all
Options None
Require all granted
</Directory>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.eyethrees\.net$ [NC]
RewriteRule ^(.*)$ http://eyethrees.net$1 [R=301,L]
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/server.eyethrees.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/server.eyethrees.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/server.eyethrees.net/chain.pem
</VirtualHost>
</IfModule>
All that looks good.
You need to check/compare the DocumentRoot
section in the other file
gotcha, i was just noticing there’s nothing really standing out there
the DocumentRoot line is commented out (as is about 95% of the file)
[this is the important stuff from that file]
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host, inherited from global configuration
#DocumentRoot "/var/www/html"
#ServerName www.example.com:443
that’s from the conf.d/ssl.conf file
I would leave that file alone and just change the server's name in the http.conf file
Probabaly at /etc/apache2/
Might be named httpd.conf
or apache2.conf
In the "main" section, you should see:
ServerName server.eyethrees.net
Change that setting there and restart apache.
found it at: /etc/httpd/conf/httpd.conf
(fyi)
ServerName server.eyethrees.net:80
so it’s already set
Different versions of Apache put things in different locations (and with different names).
That needs to NOT be that.
so remove the :80 at the end?
And also remove the :80 at the end.
What I’m saying thou is the name needs to be NOT that name.
Otherwise, if that name can’t be changed (for whatever reason(s)), then you will have to force Apache to reorder the files processed.
[order matters - top down matching hits the wrong file first]
Either method will work.
so i removed the :80 at the end and restarted apache and that didn’t seem to do anything
server.eyethrees.net is the ‘hostname’ of the server and i guess that’s why it got set that way
should the ServerName be xxxx.eyethrees.net ?? or just xxxx?
The server's actual name is mostly irrelevant.
The service name must be a proper FQDN and be handled accordingly.
In the human world it's much like how actors use "Stage Names" - their real names don't matter much in that service world.