Question

Could not reverse map the HTTPS VirtualHost to the original

Posted August 1, 2018 7.3k views
Let's EncryptUbuntu 16.04

Hi,

I’m trying to set up multiple domains on a single droplet. I have followed the various articles available on DO on setting up multiple vhosts and how to install a lets encrypt certificate. The certificate for the first domain installed fine, but when I try and install a certificate for the second domain, I get the following message;

Could not reverse map the HTTPS VirtualHost to the original

IMPORTANT NOTES:

  • Unable to install the certificate
  • Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/mydomain.net/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/mydomain.net/privkey.pem Your cert will expire on 2018-10-28. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the “certonly” option. To non-interactively renew all of your certificates, run “certbot renew”
  • Some rewrite rules copied from /etc/apache2/sites-enabled/mydomain.net.conf were disabled in the vhost for your HTTPS site located at /etc/apache2/sites-available/mydomain.net-le-ssl.conf because they have the potential to create redirection loops.

I cannot find much information on the web and am looking for someone to point out where I’ve gone wrong.

Thanks,

Chris

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
5 answers

Did you have any rewrite rules on your second domain before you created the ssl key?
Maybe some redirect rules that specifically referred to http:// ?

Sounds like letsencrypt commented out some redirect rules on your https site, I think those would be the first one to look at.

The perfect template. Try this. Worked for me after days of looking for solution.

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/html

<Directory /var/www/html/>
        Options FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

I haven’t uploaded anything to the second site yet except an index.html file to allow me to see when it’s working.

I had exactly this problem today. I had a virtual host up and running with SSL and I wanted to add a subdomain. I’m not sure what caused the problem because the second time I tried it worked as expected.

Here’s the timeline…

  1. Made a droplet snapshot
  2. Set up the DNS for the subdomain (How to Add a Subdomain to your Domain)
  3. Created a new virtual host (How To Install the Apache Web Server on Ubuntu 20.04 – Step 5
  4. Followed steps to install SSL on subdomain (How To Secure Apache with Let’s Encrypt on Ubuntu 20.04)
  5. Letsencrypt was down for maintenance so there was an error. Tried again and got exactly the error described in the OP
  6. After trying a lot of different things (including commenting out rewrite rules, etc…) I restored the original droplet snapshot and tried the encryption procedure again.
  7. This time I started with Step 1, even though I knew that Certbot was already installed.
  8. At Step 4, I was asked which domain I wanted to activate HTTPS for. I chose the new subdomain.
  9. I was then asked whether to redirect HTTP to HTTPS (I chose option 2) and after that it was all rainbows and unicorns…

I have no idea what went wrong the first time. I’m reporting my experience here in case anyone is questioning whether this works at all. It does work. I can now access my subdomain through SSL.