im trying to redirect http to https.
I've found a lot answers, but nothing works for me.
I dont know why, maybe its a apache2 config error?
I tryin it also in the .htaccess and there also nothing happens.
Just this Error:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
Here's my Virtual Host File.
#Redirect HTTP TO HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
#VHOSTS
<VirtualHost *:443>
Servername www.latoya.eu
ServerAlias latoya.eu www.latoya.eu
Documentroot /var/www/latoya
ErrorLog /path/to/log/error.log
CustomLog /path/to/log/access.log combined
SSLEngine on
SSLCertificateFile /path/to/ssl/files/pem.crt
SSLCertificateKeyFile /path/to/ssl/files/private.key
SSLCertificateChainFile /path/to/ssl/files/pem.ca-bundle
</VirtualHost>
<VirtualHost *:443>
Servername board.latoya.eu
Documentroot /var/www/latoya
ErrorLog /path/to/log/error.log
CustomLog /path/to/log/access.log combined
SSLEngine on
SSLCertificateFile /path/to/ssl/files/pem.crt
SSLCertificateKeyFile /path/to/ssl/files/private.key
SSLCertificateChainFile /path/to/ssl/files/pem.ca-bundle
</VirtualHost>
<VirtualHost *:443 *:80>
Servername secure.latoya.eu
Documentroot /var/www/latoya
ErrorLog /path/to/log/error.log
CustomLog /path/to/log/access.log combined
SSLEngine on
SSLCertificateFile /path/to/ssl/files/pem.crt
SSLCertificateKeyFile /path/to/ssl/files/private.key
SSLCertificateChainFile /path/to/ssl/files/pem.ca-bundle
</VirtualHost>
<VirtualHost *:80 *:443>
Servername static.kritzelpixel.com
Documentroot /var/www/static.kritzelpixel.com
ErrorLog /path/to/log/error.log
CustomLog /path/to/log/access.log combined
SSLCertificateFile /path/to/ssl/files/pem.crt
SSLCertificateKeyFile /path/to/ssl/files/private.key
SSLCertificateChainFile /path/to/ssl/files/pem.ca-bundle
</VirtualHost>
Using "VirtualHost *:80 *:443" or the opposite in the same virtualhost tag is completely incorrect since one virtualhost can't be SSL and not be SSL at the same time.
The fact that Apache HTTPD is not screaming in pain about it is because you "can" use different ports in the same virtualhost but that was certainly not designed to have a SSL port and a non-SSL port together.
So my suggestion is you correct your configuration to look sane, that is, having specific virtualhost *:80 and virtualhost *:443 separately.
In the VirtualHost *:80 entries you can then Redirect / https://example.com/ with the specific hostnames for your case to redirect from 80 to 443 a single line and without the need to use mod_rewrite.
To redirect to SSL mod_rewrite is not needed and overkill.
Briefly:
<VirtualHost *:80>
ServerName example.com
Redirect / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
SSLEngine on
#other directives here
</VirtualHost>
And the same with the rest of the names if they have different configurations.
Related
Debian 10 / Apache2 -
GOAL: redirect all web traffic to VPS server to SSL. I have 2 sites hosted: bjmurrey.com and nextcloud.bjmurrey.com. I have 1 IP address.
PROBLEM: I can't for the life of me find a way to make this work. I have tried 1000 suggestions posted here and elsewhere with no success. The closest I get is everything redirects to https://bjmurrey.com when typing in nextcloud.bjmurrey.com. I am also a novice at this so please be kind.
I have a default.conf that looks like this:
<VirtualHost *:80>
ServerName www.bjmurrey.com
ServerAlias bjmurrey.com
DocumentRoot /var/www/blog
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://bjmurrey.com/
</VirtualHost>
<VirtualHost *:80>
ServerName nextcloud.bjmurrey.com
DocumentRoot /var/www/nextcloud
ServerAlias nextcloud.bjmurrey.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://nextcloud.bjmurrey.com/
</VirtualHost>
I have a default-ssl.conf that looks like this:
<VirtualHost bjmurrey.com:443>
ServerName bjmurrey.com
ServerAlias www.bjmurrey.com
DocumentRoot /var/www/blog
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/bjmurrey.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/bjmurrey.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
<VirtualHost nextcloud.bjmurrey.com:443>
ServerName nextcloud.bjmurrey.com
DocumentRoot /var/www/nextcloud
ServerAlias nextcloud.bjmurrey.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/nextcloud.bjmurrey.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nextcloud.bjmurrey.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
bjmurrey.com is in var/www/blog and nextcloud.bjmurrey.com in the var/www/nextcloud directories.
I have my DNS records www and nextcloud both pointed to same IP. I only have 1 IP available. This is a very low traffic site.
I have done all kinds of things like just have the default virtual host redirect to only nextcloud and removed all mention of the www site and it still redirects to bjmurrey.com, or redirects with an SSL error saying that nextcloud can't be loaded because the ssl is for bjmurrey.com only. As you can see I have made certs with letsencrypt for both bjmurrey.com and nextcloud.bjmurrey.com.
I'm about to yank all my hair out in frustration, so I know I've tapped out all my knowledge here. Help!
I have retested with http and is working for me.
Both addresses mydomain.myhost.example.com and myhost.example.com resolve to the same IP.
This is my configuration file
ServerName example.com
<VirtualHost *:80>
ServerName mydomain.myhost.example.com
DocumentRoot /var/www/mydomain
</VirtualHost>
<VirtualHost *:80>
ServerName myhost.example.com
DocumentRoot /var/www/myhost
</VirtualHost>
Tested in Ubuntu 20.04.1, Apache 2.4
I'm trying to configure my Apache Server to redirect both:
Non-SSL http://support.nile.sd and SSL https://support.nile.sd to the link https://support.nile.sd/otrs/customer.pl, HTTP requests are well redirected via this force-redirect.conf:
$ vim /etc/httpd/conf.d/force-redirect.conf
<VirtualHost *:80>
ServerName support.nile.sd
Redirect permanent / https://support.nile.sd/otrs/customer.pl
</VirtualHost>
But HTTPS aren't redirected!! it goes to a strange page as follows:
Index of /
Name Last modified Size Description
Could you please tell me how to redirect HTTPS also, without having the "Too many redirects ERROR"
Now it works, I used the RedirectMatch expression, on both HTTP and HTTPS Virtual hosts as follows in the same force-redirect.conf file:
<VirtualHost *:80>
ServerName support.nile.sd
RedirectMatch permanent (.*)/$ https://support.nile.sd/otrs/customer.pl
</VirtualHost>
<VirtualHost *:443>
ServerName support.nile.sd
RedirectMatch permanent (.*)/$ https://support.nile.sd/otrs/customer.pl
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/support.nile.sd/certificate.pem
SSLCertificateKeyFile /etc/letsencrypt/live/support.nile.sd/privatekey.pem
SSLCertificateChainFile /etc/letsencrypt/live/support.nile.sd/chainofgod.pem
</VirtualHost>
You only have a rule for port 80, which is regular http:// protocol
I don't see a rule for port 443, which is https
you need to add the following
<VirtualHost *:443>
ServerName support.nile.sd
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/www_yoursite_com.crt
SSLCertificateKeyFile /path/to/www_yoursite_com.key
SSLCertificateChainFile /path/to/DigiCertCA.crt
Redirect permanent / https://support.nile.sd/otrs/customer.pl
</VirtualHost>
I get slightly crazy :)
I have a domain example.com and I have a SSL certificate for www.example.com
The example.com refers to the IP address of the server (it is an EC2 instance).
In the vhost.conf of the Server I have the following entries
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://www.example.com/
</VirtualHost>
<VirtualHost _default_:443>
ServerName www.example.com
DocumentRoot /var/www/vhosts/example-wp
SSLEngine On
...
</VirtualHost>
I took the information from the apache wiki.
https://wiki.apache.org/httpd/RedirectSSL
Thanks for helping
Tristan
You already have the necessary directives listed to perform the redirect. You also need to tell the vhost file where your certificate and key for the certificate exist. You also need to say whether or not a directory the user browses to is to load SSL. Please see a full example configuration file below.
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect / https://www.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
ServerAdmin webmaster#local
DocumentRoot /path/to/web/content
DirectoryIndex index.php index.html
ErrorLog logs/error_log
CustomLog logs/access combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl.crt/certfile.cer
SSLCertificateKeyFile /etc/apache2/ssl.key/keyfile.key
<Directory "/path/to/web/content/">
Options None
AllowOverride None
Order allow,deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
Hi I have the following use case, I have an application (let's call it foobar) on a remote server /var/www/foobar and I have the following Apache VirtualHost conf
<VirtualHost *:80>
DocumentRoot /var/www
# This is to redirect http traffic to https
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/certs/example.com.crt
SSLCertificateKeyFile /etc/ssl/private/example.com.key
SSLCertificateChainFile /etc/ssl/certs/example.com.bundle.crt
ServerName example.com:443
DocumentRoot /var/www/foobar
</VirtualHost>
And its working all fine. Now suppose I have another domain example2.com and I want it to point to the same foobar application. My current thinking is create another VirtualHost below, something like this
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/certs/example2.com.crt
SSLCertificateKeyFile /etc/ssl/private/example2.com.key
SSLCertificateChainFile /etc/ssl/certs/example2.com.bundle.crt
ServerName example2.com:443
DocumentRoot /var/www/foobar
</VirtualHost>
But I was wondering is this the correct way of doing stuff like this? I need both domains to be "independent" so I didn't make a permanent redirect from example2.com to example.com
You can do something like below,You can use the server alias for this, Also I don't see anything wrong in having 2 virtual hosts as well.
<VirtualHost *:443>
ServerName example1.com
ServerAlias example2.com
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/testlink
</VirtualHost>
If you are getting unable to get a certificate error, you can create a certificate with a wildcard CN. e.g : *.comthis will match both example1.com and example2.com.
I have a CentOS/Apache+OpenSSL server. I host two domain names with wildcard sub domains (application logic surfaces the correct site), e.g.
https://*.testing1.com
https://*.testing2.com
It works great over HTTP:-
<VirtualHost *:80>
# Admin email, Server Name (domain name) and any aliases
ServerAdmin webmaster#testing1.com
ServerName testing1.com
ServerName testing2.com
ServerAlias *.testing1.com *.testing2.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
I've purchased two Wildcard SSL certificated for both testing1.com and testing2.com, but I'm unsure how to set it up in this structure:-
<VirtualHost *.testing1.com:443>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/*.testing1.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/*.testing1.com.key
SSLCACertificateFile /etc/httpd/ssl/geotrust.cer
ServerAdmin john#testing1.com
ServerName testing1.com
ServerAlias *.testing1.com
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
<VirtualHost *.testing2.com:443>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/*.testing2.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/*.testing2.com.key
SSLCACertificateFile /etc/httpd/ssl/geotrust.cer
ServerAdmin john#testing2.com
ServerName testing2.com
ServerAlias *.testing2.com
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
The above for the SSL doesn't work, with the *.testing1.com definition, nor with just testing1.com.
I will also need to repeat this for testing2.com
Name-based virtualhosts and SSL wil only work if all the virtualhosts are within the same domain and you have a wildcard SSL certificate for that domain.
But you have 2 different domains.
In this case it will only work if you give each SSL-enabled virtualhost it's own IPaddress.
So you should use IP-based virtualhosts, not Name-based.
Explanation:
The ServerName which is requested, is contained in the HTTP request headers, but before that the SSL encryption must be already setup. So the ServerName is only available after the encryption has been setup. Therefore Apache can never know which SSL certificate te serve up and wil just use the first one available on that particular IPaddress.
With the single dedicated IP we can configure domain-based wildcard SSL in centos + apache2.2 server.
Hope the configurations below will help you guys!!
NameVirtualHost IP:80
NameVirtualHost IP:443
Domain 1
<VirtualHost IP:80>
ServerName abc.domain1.com
DocumentRoot /var/www/html/domain1
</VirtualHost>
<VirtualHost IP:443>
ServerName *.domain1.com
DocumentRoot /var/www/html/domain1
SSLEngine On
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /var/www/html/domain1/cert/5465456.crt
SSLCertificateKeyFile /var/www/html/domain1/cert/domain1.com.key
SSLCertificateChainFile /var/www/html/domain1/cert/g2-g1.crt
</VirtualHost>
Domain 2
<VirtualHost IP:80>
ServerName abc.domain2.com
DocumentRoot /var/www/html/domain2
</VirtualHost>
<VirtualHost IP:443>
ServerName abc.domain2.com
DocumentRoot /var/www/html/domain2
SSLEngine On
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /var/www/html/domain2/cert/5465456.crt
SSLCertificateKeyFile /var/www/html/domain2/cert/domain1.com.key
SSLCertificateChainFile /var/www/html/domain2/cert/g2-g1.crt
</VirtualHost>