I am trying to get a secured connection on Apache2 working but i am having a hard time. The operating system is a new install of Ubuntu 18.04 (reinstalled today as i have been running around in circles trying to eliminate reasons this isn't working).
I can get http working, and https works using internal ip address only. External ip address gives me connection timed out.
The content i was trying to serve was a php application but at the moment i am using a single html page with one line of text until i can get this working.
Here are my VirtualHost settings.
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/http
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/http
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/cloudflare/ocdev.pem
SSLCertificateKeyFile /etc/cloudflare/ocdev.key
SSLCACertificateFile /etc/cloudflare/origin.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
I have enabled ssl using a2enmod ssl command.
Happy to provide any more information if it will help.
Please assist!
Related
My Working url is given below which was working fine before ssl configuration. but after ssl cert configuration it is not working it is returnnig me the error
which is given below.
Url :
http://my-test-dev02.org.net:81
Error :
This page isn’t working my-test-dev02.org.net redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS
Apache configuration which i have is given below :
In 000-default.conf File :
<VirtualHost *:81>
Redirect permanent / https://my-test-dev02.org.net:81
WSGIDaemonProcess skg-sa-ver12.org.net python-path=/volume/python3.8/site-packages
WSGIScriptAlias / /c/my_dashboard/my_dashboard/wsgi.py
<Directory "/c/my_dashboard/my_dashboard">
Require all granted
</Directory>
ServerAdmin webmaster#localhost
DocumentRoot /c/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
default-ssl.conf File
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
#<VirtualHost *:443>
WSGIScriptAlias / /c/my_dashboard/my_dashboard/wsgi.py
ServerAdmin nehak#org.net
<Directory "/c/my_dashboard/my_dashboard">
Require all granted
</Directory>
Alias /media/ /c/my_dashboard/my_dashboard/media/
<Directory /c/my_dashboard/my_dashboard/media>
Require all granted
</Directory>
DocumentRoot /c/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/certs/my-test-dev02_org_net/my-test-dev02_org_net.cer
SSLCertificateKeyFile /etc/apache2/certs/my-test-dev02_org_net.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
In ports.conf file configuration i have :
Listen 81
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
above is my configuration for ssl cert and apache. I don't know why i am getting the error but without ssl cert i was able to access it. but after i am getting the error can anyone help me related this? what i am missing here and why this url is not securely redirecting ?
my configuration file for redirecting http to https is not working. I have tried different options found in StackOverflow
Apache virtual host redirect http to https
plus external resources like https://www.digitalocean.com/community/tutorials/how-to-create-temporary-and-permanent-redirects-with-apache-and-nginx
https://www.digitalocean.com/community/tutorials/how-to-rewrite-urls-with-mod-rewrite-for-apache-on-debian-10
the alias_mod and rewrite_mod are enabled (in the mods-enables folder)
port 80 and 443 are enabled (in the ports.conf file)
I have also tried with htacces in the project folder but I would rather not to use it
At the moment I have two conf files (one for the HTTP and the other for the https, as for default-guidelines conf files existing in the apache2 folder)
The app works on BOTH https and HTTP but there is no redirect (not in the network in the development tools and I cannot get any info from the logs)
The app has an internal redirect from "/" to the "/login" : I do not know if it can cause any issue
These are the conf files:
1- example.con
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName example.com
DocumentRoot /var/www/assets/eit_resource_manager_frontend/build
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RedirectMatch ^(.*)$ https://example.com$1
</VirtualHost>
2- example.ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster#localhost
ServerName example.com
DocumentRoot /var/www/assets/eit_resource_manager_frontend/build
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
I have bought three certificates from SSLS (not OpenSSL like most examples and tutorials discuss) for two domains + one subdomain. Let's call them mysite1.com, www.mysite1.com and mysite2.com. I am trying to install the certificates on a single server with a single IP address. I had earlier tried this with OpenSLL and things got messed up, plus this is a production environment so I can't afford to experiment. I have looked at a lot of tutorials including:
https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm
https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-debian-9
Here's what I have so far:
default-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName mysite1.com
ServerAdmin me#mysite1.com
DocumentRoot /var/www/mysite1.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /var/www/ssl/certs/mysite1.com.crt
SSLCertificateKeyFile /var/www/ssl/private/mysite1.com.key
SSLCertificateChainFile /var/www/apache2/ssl.crt/mysite1.com.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
<VirtualHost mysite2.com:443>
ServerName mysite2.com
ServerAdmin me#mysite1.com
DocumentRoot /var/www/mysite2.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /var/www/ssl/certs/mysite1.com.crt
SSLCertificateKeyFile /var/www/ssl/private/mysite1.com.key
SSLCertificateChainFile /var/www/apache2/ssl.crt/mysite1.com.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
ports.conf
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
I have several questions:
I assume that NameVirtualHost is no longer required (according to this) or should I put it in just in case?
Not sure what FilesMatch and Directory do - are they required?
How do I configure the www.mysite1.com address?
Anything else I need to do?
Your help is appreciated.
I have a webserver on my raspberry pi, my url I bought on strato.de and my dyndns is on noip.com. The redirecting from my url to the raspberry pi is fine and works. Now I wanted to use automatically redirection from http-request to https. Therefore I installed letsencrypt and create a ssl certificate file. Also I enabled ssl on strato.de for my url. I tested it with https://www.myurl.de/ and it works but if I use http://www.myurl.de I get this error:
Network Error (tcp_error)
A communication error occurred: "Connection refused"
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.
Transaction ID: b5151b4415351db8-000000008e3c905d-000000005c177c1e
For assistance, contact your network support team.
Your request was categorized by Blue Coat Web Filter as 'Dynamic DNS Host'.
If you wish to question or dispute this result, please click here.
It sounds to me as something in the config-files are wrong. Therefore is here my code of the 000-default.conf and default-ssl.conf file.
000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</IfModule>
</VirtualHost>
default-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/<noip-dyndns-name>.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<noip-dyndns-name>.com/privkey.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
Does someone see my mistake I made?
I have a domain say example.com using SSL. Now i have created a test site for the application and hosted in test.example.com. But whenever i am trying to access test.example.com i am getting connection not private error. That sub domain is also using the SSL somehow.
I tried to add redirect rule to http version in .htaccess and vhost files, but not working. Any solution?
Here is the default-ssl.conf file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/frontend
DirectoryIndex index.html
<Directory /var/www/html/frontend>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/ssl/certfile.crt
SSLCertificateKeyFile /etc/ssl/certkey.key
SSLCertificateChainFile /etc/ssl/gd_bundle-g2-g1.crt
</VirtualHost>
</IfModule>