Website stop working (or isn´t reachable) after SSL instalation

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
$ sudo apt update
$ sudo apt install snapd
$ sudo snap install core; sudo snap refresh core
$ sudo apt-get remove certbot
$ sudo snap install --classic certbot
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
$ sudo certbot --apache
$ sudo certbot renew --dry-run

It produced this output:
Don´t know how to see it^^

My web server is (include version):
Apache/2.4.38 (Raspian)

The operating system my web server runs on is (include version):
Raspbian GNU/Linux 10 (buster)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
I don´t know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
yes if u mean SSH

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.18.0

Hi @C-Jack, welcome to the LE community forum :slight_smile:

Something is definitely out of sorts with HTTPS access:

curl -Iki
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Aug 2021 16:17:52 GMT
Server: Apache/2.4.38 (Raspbian)
Content-Type: text/html; charset=iso-8859-1

curl -Iki
curl: (7) Failed to connect to port 443: No route to host

Let's start to unravel this with the outputs of:
sudo netstat -pant | grep -i listen
sudo apachectl -t -D DUMP_VHOSTS

Cert inspection in the browser reports connection failure. :smirk:

22/tcp   filtered ssh
80/tcp   open     http
443/tcp  filtered https
1 Like

Thanks for this fast responding :slight_smile:

ok i got this output:

After "sudo netstat -pant | grep -i listen" I got this:

tcp        0      0*       LISTEN      558/sshd            
tcp        0      0*       LISTEN      369/cupsd           
tcp6       0      0 :::80              :::*            LISTEN      599/apache2         
tcp6       0      0 ::1:3350           :::*            LISTEN      559/xrdp-sesman     
tcp6       0      0 :::22              :::*            LISTEN      558/sshd            
tcp6       0      0 ::1:631            :::*            LISTEN      369/cupsd           
tcp6       0      0 :::443             :::*            LISTEN      599/apache2         
tcp6       0      0 :::3389            :::*            LISTEN      592/xrdp  

After "sudo apachectl -t -D DUMP_VHOSTS" I got this:

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443 (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
*:80 (/etc/apache2/sites-enabled/000-default.conf:1)
1 Like

OK, I think the problem is likely with the routing/port forwarding.
Please check that both 80 and 443 are can reach your RPi.

And also that the local firewall is not dropping it:
sudo ufw status

Mine shows:

ufw status
Status: active

To                         Action      From
--                         ------      ----
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
22                         LIMIT       Anywhere
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)

OMG it works!!!!!

My Router Port 443 wasn´t active.
Thanks :smiley:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.