Issue with Let's Encrypt SSL installation on AWS EC2 - apache

I'm having trouble installing a Let's Encrypt certificate on an AWS EC2 instance. I followed a couple of tutorials from Google.
I've created the cert files and updated the path correctly in /etc/httpd/conf.d/ssl.conf. However, my domain is still not accessible via https. I haven't created multiple httpd config files for different domains but am configuring them all in /etc/httpd/conf/httpd.conf. The typical configuration for a domain looks like the following:
<VirtualHost *:80>
ServerName mydomain.in
ServerAlias www.mydomain.in
DocumentRoot /var/www/html/
<Directory /var/www/html>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
In a similar fashion, I've added multiple domains on the server. I've generated the certificate files for 1 domain only.
Any help or pointers in resolving this would be very helpful.

While generating the certificate you have to mention all the domains at once;
then you can use the same generated certificate for multiple domains.
For more information please check this link: https://blog.alejandrocelaya.com/2016/08/16/setup-a-lets-encrypt-certificate-in-a-aws-elastic-load-balancer/
For multiple domains, you can do this by creating multiple virtual hosts with the same SSL settings.
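A check for the situation in this question and answer, added here as an example and not part of the original posts: given the names a certificate was issued for, it lists the served hostnames that clients would reject with a name mismatch. The SAN lists and the second domain (otherdomain.in) are constructed assumptions; on a real host the SAN list would be read from the certificate itself.

```python
def san_matches(san, host):
    """Match one certificate SAN entry against a hostname.

    A '*' is honoured only as the entire left-most label, so
    '*.mydomain.in' covers 'www.mydomain.in' but neither the bare
    'mydomain.in' nor 'a.b.mydomain.in'.
    """
    san = san.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if not san.startswith("*."):
        return san == host
    first_label, _, rest = host.partition(".")
    return bool(first_label) and rest == san[2:]


def uncovered_names(served_names, cert_sans):
    """Return the served hostnames that no SAN entry covers, in order."""
    return [
        host for host in served_names
        if not any(san_matches(san, host) for san in cert_sans)
    ]


# Constructed inputs: every ServerName/ServerAlias the server answers for,
# and the SAN lists of two hypothetical certificates.
SERVED = ["mydomain.in", "www.mydomain.in",
          "otherdomain.in", "www.otherdomain.in"]
CERT_ONE_DOMAIN = ["mydomain.in"]   # issued for a single name only
CERT_ALL_NAMES = ["mydomain.in", "*.mydomain.in",
                  "otherdomain.in", "www.otherdomain.in"]

if __name__ == "__main__":
    print("single-name cert misses:", uncovered_names(SERVED, CERT_ONE_DOMAIN))
    print("multi-name cert misses:", uncovered_names(SERVED, CERT_ALL_NAMES))
```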

Related

How to access Apache website by public-ip with server name?

I've installed Vanilla on an Ubuntu server with a public IP by following the steps at https://www.vultr.com/docs/how-to-install-vanilla-forum-on-ubuntu-16-04
Then I configured /etc/apache2/sites-available/forum.example.com.conf as below:
<VirtualHost *:80>
ServerName forum.example.com
DocumentRoot /var/www/vanilla
<Directory /var/www/vanilla>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Then I can access http://public-ip in the browser, but the result is the Apache2 Ubuntu Default Page.
How can I access the installed Vanilla in the browser? Should I make any change to forum.example.com.conf?
If the request doesn't match a virtual host, Apache will serve files from the top level (not inside a <VirtualHost> block) DocumentRoot config value.
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot /var/www/html
I don't know Ubuntu well but I'd guess this is in /etc/apache2/apache2.conf. You can change this to /var/www/vanilla to serve your forum instead of the default page.
Alternatively you could rename / delete the existing /var/www/html and make it a symlink to /var/www/vanilla: then Apache would pick up the forum files without any config change.
Or if you just want to set up access for yourself then you can add the DNS name to your hosts file (/etc/hosts on Linux, \Windows\System32\drivers\etc\hosts on Windows)
AAA.BBB.CCC.DDD forum.example.com
and then you can use forum.example.com in your browser as normal, which will send the 'Host' header so Apache will match the virtual host, even though this isn't configured as public DNS.

Domain is redirected to another domain in same droplet

Well, I am new to Debian. I built a server on DigitalOcean with Debian.
I successfully added two domains to one droplet:
mysite.com
anothersite.com
Created new dir:
/home/user/www/mysite.com/public_html
and copied files to public_html
The config file inside /etc/apache2/sites-available is:
DocumentRoot /home/user/www/mysite.com/public_html
<Directory /home/user/www/mysite.com/public_html>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/myproject-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/myproject-access.log combined
Of course, I enabled the site.
I haven't edited the apache2.conf file and haven't configured the 2nd domain (anothersite.com). I just added this 2nd domain to the droplet, that's all.
When I go to mysite.com it works perfectly. But I wonder why the 2nd domain (anothersite.com) is redirected to the 1st (mysite.com) domain?
By the way, I use Apache 2.4.
If a hostname (e.g. anothersite.com) points to the Apache webserver but you haven't explicitly configured a <VirtualHost> section that matches that hostname, then Apache will deliver a "best match" (the first <VirtualHost>).
So if you only have a single <VirtualHost> in the Apache config and multiple hostnames (mysite.com and anothersite.com) point to the same machine, all of these names will display the same virtual host.
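The fallback described in the answer above, modelled as an added example that is not code from the original post: a simplified sketch of name-based selection among *:80 virtual hosts, not Apache's full matching algorithm. It shows which DocumentRoot a Host header ends up at and whether a vhost named it explicitly, which is a quick way to spot content being served under hostnames nobody configured. Both configs are constructed; the vhost and docroot for anothersite.com are assumptions.

```python
import fnmatch
import re

# Constructed configs: ONE_SITE mirrors the question (only mysite.com has a
# vhost); TWO_SITES adds a hypothetical vhost and docroot for anothersite.com.
ONE_SITE = """
<VirtualHost *:80>
    ServerName mysite.com
    ServerAlias www.mysite.com
    DocumentRoot /home/user/www/mysite.com/public_html
</VirtualHost>
"""
TWO_SITES = ONE_SITE + """
<VirtualHost *:80>
    ServerName anothersite.com
    DocumentRoot /home/user/www/anothersite.com/public_html
</VirtualHost>
"""
VHOST_RE = re.compile(r"<VirtualHost\s[^>]*>(.*?)</VirtualHost>", re.S | re.I)

def parse_vhosts(conf):
    """Return the vhosts in file order as {'names': [...], 'docroot': str}."""
    vhosts = []
    for body in VHOST_RE.findall(conf):
        vh = {"names": [], "docroot": None}
        for line in body.splitlines():
            parts = line.split()
            if not parts or parts[0].startswith("#"):
                continue
            key = parts[0].lower()
            if key in ("servername", "serveralias"):
                vh["names"] += [n.lower() for n in parts[1:]]
            elif key == "documentroot" and len(parts) > 1:
                vh["docroot"] = parts[1].strip('"')
        vhosts.append(vh)
    return vhosts

def served_docroot(conf, host_header):
    """Return (docroot, explicit_match); names may hold ServerAlias wildcards."""
    vhosts = parse_vhosts(conf)
    host = host_header.rsplit(":", 1)[0].lower().rstrip(".")
    for vh in vhosts:
        if any(fnmatch.fnmatchcase(host, name) for name in vh["names"]):
            return vh["docroot"], True
    return vhosts[0]["docroot"], False  # nothing matched: first vhost wins

if __name__ == "__main__":
    for conf in (ONE_SITE, TWO_SITES):
        print(served_docroot(conf, "anothersite.com"))
```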

Configuration https on lamp web server ec2 aws with let's encrypt

I have a problem: yesterday I created a certificate with Let's Encrypt on my EC2 instance. Now I want to use it on my site, but I don't know how to proceed. Do you have any suggestions?
I tried to do this but I didn't get any results:
https://www.paulwakeford.info/2015/11/24/letsencrypt/
Then, after using the webroot plugin for Let's Encrypt, I installed mod_ssl.so on my instance, edited my security group to enable HTTPS on port 443, and then modified my httpd.conf like this:
<VirtualHost *:443>
DocumentRoot /var/www/my-domain
ServerName my-domain.com
SSLEngine on
SSLCertificateFile "/etc/letsencrypt/live/my-domain/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/my-domain/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/my-domain/chain.pem"
<Directory /var/www/my-domain>
AllowOverride All
</Directory>
</VirtualHost>
Have you any suggestions?
The tutorial you pointed out applies the SSL certificate to a CloudFront distribution, a CDN. Are you using CloudFront? Because if you are, you need to set the certificate on the distribution (and maybe on the Apache server too); otherwise, on the Apache server.
Try looking into:
Enabling SSL on apache instance on EC2
and
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html
For the last one, forget about "getting certificate", as you already have one issued by Let's Encrypt.

How do I point multiple URLs to the right directory?

I have a VPS running CentOS 5. I want to point multiple domains at the same VPS (point them at the same IP), but serve up distinct websites for each domain.
So, the setup I want is like this:
site1.com ----> 127.0.0.1 ----> /var/www/html/site1.com/
site2.com ----> 127.0.0.1 ----> /var/www/html/site2.com/
I've tried setting up virtual hosts through the CentOS GUI for Apache, but they don't seem to be working. Only the first virtual host added will work (i.e. If I add site1.com first, both domains direct to that site. If I add site2.com first, both domains direct to that site.)
What might I be doing wrong? Is there an effective step-by-step tutorial for newcomers to get me started?
Update
Please remember, I have little to no experience working with CentOS and Linux ... but I'm learning.
To those who asked to see the directives I'm using, here's what CentOS added to the bottom of /etc/httpd/conf/httpd.conf when I used the built-in Apache GUI:
<VirtualHost skylarkapp.com:80>
DocumentRoot /var/www/html/skylarkapp.com
<Directory "/var/www/html/skylarkapp.com">
allow from all
Options +Indexes
</Directory>
ServerName skylarkapp.com
</VirtualHost>
<VirtualHost eamann.com:80>
DocumentRoot /var/www/html/eamann
<Directory "/var/www/html/eamann">
allow from all
Options +Indexes
</Directory>
ServerName eamann.com
</VirtualHost>
At the moment, all traffic to both skylarkapp.com and eamann.com on this system direct to the content of /var/www/html/skylarkapp.com.
Also, I'm using my Windows hosts file to manually point eamann.com to this server (204.92.23.6) because I'm in the process of migrating a live site. I want to get things working on the server before I actually move things from one box to another.
Name-based virtual hosts must be turned on explicitly with NameVirtualHost *:80. See http://httpd.apache.org/docs/2.2/vhosts/name-based.html
This line:
<VirtualHost eamann.com:80>
won't work since eamann.com won't resolve to your CentOS server's IP address (only your Windows machine resolves eamann.com to 204.92.23.6). Try making Apache listen on any IP by replacing it with:
<VirtualHost *:80>
You probably also want:
ServerAlias www.eamann.com
to allow visitors to www.eamann.com to see the site as well. Restart apache after making these changes:
service httpd restart

Setting up an Apache listening to the Amazon EC2 private DNS

I've created an Apache virtual host for an Amazon EC2 private DNS, just the way I did it with other hosts, too. But for some reason, there is always a 403 (forbidden) when requesting it. To make it bulletproof I've copied the virtual host file from a working host and double-checked all paths and hosts. It's enabled and the Apache configuration files are reloaded, the way it works with any other host. But there is still that 403 when requesting it from the same or another EC2 instance.
# host: ip-xyz.eu-west-1.compute.internal
# directory: /var/www/xyz
<VirtualHost *:80>
ServerName ip-xyz.eu-west-1.compute.internal
DocumentRoot /var/www/xyz
<Directory /var/www/xyz>
Options FollowSymLinks
AllowOverride All
Order Deny,Allow
Allow from All
</Directory>
</VirtualHost>
Any ideas?
Best regards,
Jimbo
You should check the error log (for, well, errors), and the access log to verify you actually accessed the right machine.
Edit: If there is another wildcard VirtualHost declaration, delete it from the configuration.