I have a Server which is running Debian 8.1 with Apache 2.4.10 and OpenSSL 1.0.1k.
I have a domain example.com with a few subdomains like www.example.com, cloud.example.com and db.example.com all pointet to the Server (A-Records).
All these subdomains have their own VirtualHosts with their own SSL-Certificates. Also if you send a HTTPS-Request with another domain or with the IP you'll get a page with a self-signed certificate.
Everything was running perfect until I rebootet my server.
Now when I request example.com (without a subdomain-prefix) I get the self-signed crt. The subdomains are working perfectly fine. I have the following vHost-Configs:
(because I only want HTTPS I have a Rewrite-Rule for all HTTP-Connections)
000-default.conf
<VirtualHost *:80>
ServerAdmin admin#example.com
RewriteEngine On
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#example.com
DocumentRoot /var/www
<Directory /var/www>
AllowOverride All
Require all granted
</Directory>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
ErrorLog ${APACHE_LOG_DIR}/error.ssl.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.ssl.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/default/ca.crt
SSLCertificateKeyFile /etc/ssl/certs/default/ca.key
</VirtualHost>
</IfModule>
www.example.com.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/example
<Directory /var/www/example>
AllowOverride All
Require all granted
</Directory>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
ErrorLog ${APACHE_LOG_DIR}/error.ssl.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.ssl.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/www.example.com/ca.crt
SSLCertificateKeyFile /etc/ssl/certs/www.example.com/ca.key
SSLCertificateChainFile /etc/ssl/certs/www.example.com/sub.class1.server.ca.pem
SSLCACertificateFile /etc/ssl/certs/www.example.com/ca.pem
</VirtualHost>
</IfModule>
cloud.example.com.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin#example.com
ServerName cloud.example.com
DocumentRoot /var/www/example
<Directory /var/www/example>
AllowOverride All
Require all granted
</Directory>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
ErrorLog ${APACHE_LOG_DIR}/error.ssl.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.ssl.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/www.example.com/ca.crt
SSLCertificateKeyFile /etc/ssl/certs/www.example.com/ca.key
SSLCertificateChainFile /etc/ssl/certs/www.example.com/sub.class1.server.ca.pem
SSLCACertificateFile /etc/ssl/certs/www.example.com/ca.pem
</VirtualHost>
</IfModule>
I really hope that somebody can help me!
The hostname was example (like the domain, but without .com) so I changed the hostname to some random typing and after a reboot everything worked fine again. When I changed my hostname back it kept working even after a reboot.
For me changing the order of VirtualHosts helped to solve the problem, by putting malfunctioning VirtualHost to the top in the conf file.
Related
My Working url is given below which was working fine before ssl configuration. but after ssl cert configuration it is not working it is returnnig me the error
which is given below.
Url :
http://my-test-dev02.org.net:81
Error :
This page isn’t working my-test-dev02.org.net redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS
Apache configuration which i have is given below :
In 000-default.conf File :
<VirtualHost *:81>
Redirect permanent / https://my-test-dev02.org.net:81
WSGIDaemonProcess skg-sa-ver12.org.net python-path=/volume/python3.8/site-packages
WSGIScriptAlias / /c/my_dashboard/my_dashboard/wsgi.py
<Directory "/c/my_dashboard/my_dashboard">
Require all granted
</Directory>
ServerAdmin webmaster#localhost
DocumentRoot /c/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
default-ssl.conf File
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
#<VirtualHost *:443>
WSGIScriptAlias / /c/my_dashboard/my_dashboard/wsgi.py
ServerAdmin nehak#org.net
<Directory "/c/my_dashboard/my_dashboard">
Require all granted
</Directory>
Alias /media/ /c/my_dashboard/my_dashboard/media/
<Directory /c/my_dashboard/my_dashboard/media>
Require all granted
</Directory>
DocumentRoot /c/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/certs/my-test-dev02_org_net/my-test-dev02_org_net.cer
SSLCertificateKeyFile /etc/apache2/certs/my-test-dev02_org_net.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
In ports.conf file configuration i have :
Listen 81
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
above is my configuration for ssl cert and apache. I don't know why i am getting the error but without ssl cert i was able to access it. but after i am getting the error can anyone help me related this? what i am missing here and why this url is not securely redirecting ?
I have a few sites running on a server running apache2 and I have forgotten how I auto forwarded all traffic to https. Trying to run letsencrypt but it must visit the http page first. when I wget the page I receive:
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://example.org/ [following]
I do not see anything in apache2.conf
mysite.conf
<VirtualHost *:80>
ServerAdmin admin
DocumentRoot /var/www/html/mysite/
ServerName example.org
Alias /mysite "/var/www/html/mysite/"
<Directory /var/www/html/mysite/>
Options +FollowSymlinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/mysite
SetEnv HTTP_HOME /var/www/html/mysite
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
mysite-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin
DocumentRoot /var/www/html/mysite/
ServerName mysite.org
ServerAlias www.example.org
Alias / "/var/www/html/mysite/"
<Directory /var/www/html/mysite/>
Options +FollowSymlinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/mysite
SetEnv HTTP_HOME /var/www/html/mysite
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/oldsite/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/oldsite/privkey.pem
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerAdmin admin
DocumentRoot /var/www/html/mysite/
ServerName example.org
ServerAlias www.example.org
Alias / "/var/www/html/mysite/"
<Directory /var/www/html/mysite/>
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/mysite
SetEnv HTTP_HOME /var/www/html/mysite
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
not sure what I need to do to allow lets encrypt to complete the certs. Any help would be greatly appreciated!
I have a domain say example.com using SSL. Now i have created a test site for the application and hosted in test.example.com. But whenever i am trying to access test.example.com i am getting connection not private error. That sub domain is also using the SSL somehow.
I tried to add redirect rule to http version in .htaccess and vhost files, but not working. Any solution?
Here is the default-ssl.conf file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/frontend
DirectoryIndex index.html
<Directory /var/www/html/frontend>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/ssl/certfile.crt
SSLCertificateKeyFile /etc/ssl/certkey.key
SSLCertificateChainFile /etc/ssl/gd_bundle-g2-g1.crt
</VirtualHost>
</IfModule>
We're trying to use SSL on our website.
The website is on a ubuntu server 2016. I've generated certicates from let's encrypt and followed the ubuntu tutorial but at the end i'm getting ERR_CONNECTION_REFUSED
<VirtualHost *:443>
ServerAdmin webmaster#sitename.eu
ServerName dp7.sitename.eu
ServerAlias www.dp7.sitename.eu
#SSLEngine on
#SSLCertificateFile /etc/letsencrypt/live/sitename.fr/cert.pem
#SSLCertificateChainFile /etc/letsencrypt/live/sitename.fr/fullchain.pem
#SSLCertificateKeyFile /etc/letsencrypt/live/sitename.fr/privkey.pem
DocumentRoot /var/www/bt750
<Directory "/var/www/bt750">
Options +FollowSymLinks -MultiViews
AllowOverride all
Order allow,deny
allow from all
Require all granted
</Directory>
ErrorLog /var/log/apache2/dp7_ssl_error.log
LogLevel warn
CustomLog /var/log/apache2/dp7_ssl_access.log "combined"
</VirtualHost>
i have flushed all my chrome cache, without success
how can i solve this problem ?
You have some errors in apache configuration. You need Listen the 443 port and uncomment SLL configuration
Listen 443
<VirtualHost *:443>
ServerAdmin webmaster#sitename.eu
ServerName dp7.sitename.eu
ServerAlias www.dp7.sitename.eu
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/sitename.fr/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/sitename.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sitename.fr/privkey.pem
DocumentRoot /var/www/bt750
<Directory "/var/www/bt750">
Options +FollowSymLinks -MultiViews
AllowOverride all
Order allow,deny
allow from all
Require all granted
</Directory>
ErrorLog /var/log/apache2/dp7_ssl_error.log
LogLevel warn
CustomLog /var/log/apache2/dp7_ssl_access.log "combined"
</VirtualHost>
I have 2 domains which I have separately configured in 2 vhosts files. I need one of this domains to permanently redirect to the second one. Before reloading apache, I've run 'configtest' and I got "Syntax Ok". However apparently I got a redirect loop. Btw, the website is a drupal installation, not sure how much does this count.
Here's my 2 conf files.
[root#prod ~]# cat meh-1_com.conf
<VirtualHost *:80>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl/meh1_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/meh1_com.key
SSLCertificateChainFile /etc/httpd/ssl/meh1_com.ca-bundle.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
[root#prod ~]# cat meh-2_com.conf
<VirtualHost *:80>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / http://meh-1.com
</VirtualHost>
<VirtualHost *:443>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / https://meh-1.com
</VirtualHost>