I'm trying to configure SSL certificates on AWS ec2 Instance, I followed the following steps:
Created instance on ec2 with ubuntu OS.
Issued a certificate through certificate manager on my domains -> Ex: *.domains.com and domains.com
Created a Classic Load balancer to point these certificate and ec2 instance.
Configured A record in Route 53 to alias of load balancer
Configured my virtual host on apache2
$sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache-selfsigned.key -out /etc/apache2/ssl/apache-selfsigned.crt
I obtained self signed certificates with all the necessary details which was asked.
And configured my virtual host something like this:
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin support#noeticitservices.com
ServerName ssltest.domains.com
ServerAlias ssltest.domains.com
DocumentRoot /var/www/html/****/public
ErrorLog /var/www/html/****/error.log
CustomLog /var/www/html/****/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache-selfsigned.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache-selfsigned.key
<Directory /var/www/html/****/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin support#noeticitservices.com
ServerName ssltest.domains.com
ServerAlias ssltest.domains.com
DocumentRoot /var/www/html/****/public
ErrorLog /var/www/html/****/error.log
CustomLog /var/www/html/****/access.log combined
<Directory /var/www/html/****/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
When I access my domain it is not taking Amazon Issued Certificates. How can I point the certificates, I've gone through almost all the resources available on Internet. My default-ssl.conf is also enabled mod_ssl is also enabled. Help me out with this.
Configured A record in Route 53 to alias of load balancer
OK, here's where I think you messed up. dig ns biltrax.com gives me the following nameservers for your domain:
ns34.domaincontrol.com
ns33.domaincontrol.com
I believe these are GoDaddy's. Whatever they are, they're not Route53's nameservers. As such, the records you have in Route53 have no effect - they're ignored, as your domain's DNS is handled by a different service entirely.
If you want Route53 to be responsible for the domain, you'll have to point the domain at the Route53 nameservers at your registrar.
Related
I just purchased a domain from GoDaddy, let's call it example.com. I set up my A record and CNAME to properly point to my home IP address (see picture below) where I run an Apache2 server on my Raspberry Pi.
My 000-default.conf file is as follows:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorDocument 404 /404.html
<Directory "/var/www/html">
AllowOverride All
Options All
Require all granted
# Any other directives
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
I have searched the internet for hours and even asked another question on StackOverflow to where I thought the problem was resolved, however after about an hour of restarting the Apache2 service on the Raspberry Pi, it goes back to showing my home IP Address in the address bar instead of my newly purchased domain. I have tried restarting the service multiple times but I always end up with the same result. Flushing DNS on my devices does nothing, too. How can I make it so that it always shows my domain in the address bar?
Make sure that in your Domain provider (GoDaddy for example) that you aren't forwarding to your IP address. Instead, forward to your domain.
I installed an ubuntu server 16.04 and LAMP, it works very well and I can load default web by using ip address.
Also I created a new virtual host by domain synappse.ir. If I enter synappse.ir/index.html, it loads the page and there is not any issue but when I enter just the name of the domain without index.php, it can not find or load the index.html file!
Here is my config file for virtual host :
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerNamei
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin nasser.man#gmail.com
ServerName synappse.ir
ServerAlias synappse.ir
DocumentRoot /var/www/synappse.ir
DirectoryIndex index.html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#<Directory /var/www/html>
# Options Indexes FollowSymLinks MultiViews
# AllowOverride All
# Require all granted
#</Directory>
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
Is there any other configuration for enabling this feature?
Sorry, pages were cached, every thing is ok.
So I have Ubuntu 16 installed with LAMP and couple of other things on it (like FTP server...).
IP of my VPS is 1.2.3.4.
I have 2 domains, example.com and mydomain.com - both of these domains have their A record pointed at 1.2.3.4
If I access 1.2.3.4 and example.com and mydomain.com in my browser, all those three are showing the SAME data, specifically the contents of /var/www/html - if I change content of this directory it affects example.com and mydomain.com and the 1.2.3.4.
Now how can I set additional folders for domains to read from? I want different data on example.com and on mydomain.com - I want to make them read from different folder on server. How can i setup this please?
What you want to achieve is technically defined as setting virtual hosts which could be set using the following steps:
Under your Apache configurations directory, usually at /etc/apache2/, you will find a directory named sites-enabled.
For each of your domains, you will need to configure a special configuration file in order to point them to the right direction. The name of the file is typically your-domain.conf.
Here's an example of the file:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port
# that the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName your_domain
ServerAlias www.your_domain
ServerAdmin webmaster#your_domain
DocumentRoot website_directory
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
<Directory website_directory>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
After saving the file you will need to restart the Apache server
/etc/init.d/apache2 restart
Repeat the above steps for each of your domains.
If everything goes right, your site will show when you access your domain.
I had been install apache2 and php5 and i know that is index.php file in var/www/html/index.php but i want to change it to /home/pc/www/public/index.php and i setup in etc/apache2/sites-available/000-default.conf document root to "DocumentRoot /home/pc/www/public/" here is my conf file:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /home/pc/www/public/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
And when i try to get access to localhost in firefox i get this error:
Forbidden
You don't have permission to access / on this server.
Apache/2.4.7 (Ubuntu) Server at localhost Port 80
But when i set DocumentRoot to default directory it works. Please help.
Does the Apache user (usually apache or nobody) have permissions to that directory? Make sure you have at least o+r permissions on the directory.
Solution from OP.
I was need change directory in apache2.conf too.
Here is code what I was need to change in apache2.conf file:
<Directory /home/pc/www/public/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
As my user id suggests, I am a novice programmer.
I am trying a simple Apache server configuration in ubuntu,
I have created below .conf file in /etc/apache2/sites-available/awesome.conf with below code. Also I have created a symbolic link in /etc/apache2/sites-enable and restarted the Apache.
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.myawesome.org
ServerAdmin webmaster#localhost
DocumentRoot /var/www/awesome
DirectoryIndex hello.php
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
when I access localhost/awesome/hello.php I get the desired text "Hello World".
But when I type www.myawesome.org it dispays below message:
"Server not found"
Any help/guidance is appreciated.
Regards....
You need to edit the hosts file and add the ServerName here pointing to localhost
Open hosts file with:
sudo nano /etc/hosts
...and at the end of this file add:
127.0.0.1 www.myawesome.org