Works for one domain, not the other

rg305 · September 13, 2020, 1:41am

Please also show the output of:
sudo grep -i servername /etc/apache2/*.conf

compata · September 13, 2020, 4:14am

“grep -i servername /etc/httpd/conf*/*.conf”

/etc/httpd/conf/httpd.conf:ServerName www.compata.com:80
/etc/httpd/conf/httpd.conf:  ServerName compata.com
/etc/httpd/conf/httpd.conf:  ServerName www.compata.com
/etc/httpd/conf/httpd-le-ssl.conf:    ServerName compata.com

rg305 · September 13, 2020, 4:16am

The servername in this file should probably NOT be the same name used for Internet connections.

I would change it to "default" or "anythingelse"

But as is used three times, I'm wondering why?
Maybe you can show the sections where the name is used.

compata · September 13, 2020, 4:19am

“portions of /etc/httpd/conf/httpd.conf”

# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName www.compata.com:80
...
<VirtualHost *:80>
  ServerName compata.com
  Redirect permanent / https://www.compata.com/
</VirtualHost>
<VirtualHost *:80>
  ServerName www.compata.com
  Redirect permanent / https://www.compata.com/
</VirtualHost>

rg305 · September 13, 2020, 4:26am

Ok the two virtual host sections are correct and needed.
The first entry though is NOT.
It actually then sets that name as the default.
Which in turn is used in the file: /etc/httpd/conf.d/ssl.conf
and creates an overlapping name conflict with the same name used in the file: /etc/httpd/conf/httpd-le-ssl.conf

Long story short, change the first entry of ServerName in the file: /etc/httpd/conf/httpd.conf
To “localhost”, “whatever”, “doesntmatter”
So that it doesn’t create that conflict.
[don’t forget to restart the web server after the change]
Then confirm the conflict/overlap has been resolved with:
sudo apachectl -S

compata · September 13, 2020, 4:38am

THANK YOU !! That seems to have resolved the problem. All redirects are working and the certificate seems to be accepted.

It does seem strange to me that I have another site, on a different server with four names rather than two, and where the default ServerName is set the same as this one was but certificates are working for all combinations of the names. ( [www.]aginganswersnow.{com,net} )

rg305 · September 13, 2020, 4:41am

The problem is Apache.
It is notorious for running at all cost.
Which means that even though when there is such a name conflict it will continue and basically do the first one matched.
So it really depends on the file naming order (first come, first served).
In the other server you might have gotten lucky and the correct one came first (alphabetically).
[but that is NO WAY to run a server - luck of the draw - Apache should make more of a complaint or just not run in those situations]

compata · September 13, 2020, 4:42am

I’'ll fix the other one then, to avoid any future problem. Thanks again!

rg305 · September 13, 2020, 4:43am

Please show the output now of:
sudo apachectl -S

[and from the other server if you want too]

I will be more than happy to point out the obvious!
[Captain Obvious to the rescue]

compata · September 13, 2020, 4:49am

“httpd -S”

[Sat Sep 12 21:49:00.348680 2020] [core:trace3] [pid 220801:tid 220801] core.c(3388): Setting LogLevel for all modules to trace5
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server compata.com (/etc/httpd/conf/httpd.conf:360)
         port 80 namevhost compata.com (/etc/httpd/conf/httpd.conf:360)
         port 80 namevhost www.compata.com (/etc/httpd/conf/httpd.conf:365)
*:443                  is a NameVirtualHost
         default server localhost.localdomain (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost localhost.localdomain (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost compata.com (/etc/httpd/conf/httpd-le-ssl.conf:10)
                 alias www.compata.com
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/etc/httpd/run/" mechanism=default 
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/etc/httpd/run/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

rg305 · September 13, 2020, 4:51am

That’s the way it should be!
Cheers from Miami

griffin · September 13, 2020, 5:35am

Great job guys!

The only thing I might add is that you probably want a redirect from https://compata.com to https://www.compata.com.

system · October 13, 2020, 5:35am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.