Apache SSL seems to fail

RiversideRocks · April 5, 2021, 8:34pm

I’m setting up a new subdomain. These are my records (I’ve redacted a few things):

<VirtualHost *:80>
ServerAdmin ----@riverside.rocks
ServerName ----.riverside.rocks
ServerAlias http://---.riverside.rocks
DocumentRoot /var/www/---
RemoteIPHeader CF-Connecting-IP
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin ---@riverside.rocks
ServerAlias https://----.riverside.rocks
DocumentRoot /var/www/---/
RemoteIPHeader CF-Connecting-IP
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined


SSLCertificateFile /etc/letsencrypt/live/---.riverside.rocks/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/---.riverside.rocks/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

</IfModule>

However, when I visit my site over HTTPS, apache uses the cert for riverside.rocks and not my subdomain:

What is wrong with my config?

John_Betong · April 6, 2021, 5:20am

I have a Ubuntu VPS and the domain.config does not prefix the subdomain with http::

ServerAlias www.riverside.rocks

Special note:
www is a subdomain

John_Betong · April 7, 2021, 5:49am

I just tested the sub-domain www.riverside.rocks and it seems to be working OK.

For the benefit of others, please post your solution

Edit:

Whoops - the URL was cached and there is still a problem

Try this - which does not rely on cached URLs:

https://supiet2.tk/test?

rpkamp · April 7, 2021, 6:52am

Did you restart Apache after adding this configuration?

RiversideRocks · April 7, 2021, 11:11am

Hello everyone, thanks for the tips.

@John_Betong I don’t think I have a vhost for www.

@rpkamp I did.

John_Betong · April 7, 2021, 12:14pm

Try the following:

add the following line to “riverside.rocks.configure”
ServerAlias www.riverside.rocks
Command line: Systemctrl restart apache2
The www. sub-domain should then open https://riverside.rocks
To create a new “Fred” sub-domain a new config file needs creating

I don’t think it is possible to combine the “Fred” sub-domain

To activate the https Letsencrypt protocols I call certbot from the command line.

Not tried and tapped on a tablet.

RiversideRocks · April 8, 2021, 6:57pm

Thanks, I’ll have a try.