How do I redirect from http to https on apache2.

July 26, 2017 219 views
Apache Let's Encrypt Deployment DigitalOcean Security Ubuntu 16.04

I need to redirect a website already up and running on a digital ocean server from http://www.example.com to https://www.example.com. I've been working on it all day and have been able to generate an ssl certificate from lets encrypt and have stored it in a specific file in my directory. I know I need to give the server the location of the certificate but I dont know where I have to type that in. I tried following a tutorial https://www.digicert.com/ssl-certificate-installation-ubuntu-server-with-apache2.htm
but that doesnt seem to work either.
On running a config test, I get an error saying that snakeoil.key (private key) file does not exist. Although when I sudo nano that file, I can see the key (it does exist!) I dont know what to do here anymore. Any help will be greatly appreciated. Thanks!

2 Answers

Hi @elecsoftconsult

Can you post your VirtualHost configurations (both the one for port 80 and 443). It will be easier to help then.
Make sure your snakeoil.key file is readable by the same user/group as Apache, which is normally www-data

One way is to change your port 80 Virtualhost to this and restart Apache:

<VirtualHost *:80>
  ServerName yourdomain.com
  Alias www.yourdomain.com
  Redirect permanent / https://www.yourdomain.com/
</VirtualHost>
  • Hi @hansen

    Thank you so much for this quick reply! I tried looking for the virtualhost file a lot but couldn't find it. Would you happen to know which folder it resides in?

    Thank you in advance.

    • @elecsoftconsult

      Run this command to list your sites and their configuration:

      sudo apache2ctl -S
      
      • @hansen

        Thank you so much... I made the changes to the virtual host *80 file. When i tried restarting using apache2ctl restart I get an error saying Alias takes two arguments, a fakename and a realname. Action restart failed.

        • @elecsoftconsult
          Sorry, my bad - Alias should be ServerAlias:

          <VirtualHost *:80>
            ServerName yourdomain.com
            ServerAlias www.yourdomain.com
            Redirect permanent / https://www.yourdomain.com/
          </VirtualHost>
          
          • @hansen

            made that change and tried restarting again. It still says that it cant find snakeoil.key or it does not exist. I checked using nano and the key does exist. I went into the 443 virtualhost to try and make sure the directory paths were correct. When I got the ssl certificate, it said that both the certificate and the chain file were stored in the same .pem file. I added a SSLCertificateChainFile path to the same SSLCertificateFile (which points to the snakeoil.key) because it said it was fine to do so in the comments in that file itself. That did not work either.

@elecsoftconsult

Okay, can you remove the HTTPS (443) VirtualHost, since it doesn't work currently and it's just Let's Encrypt. And remove the redirect VirtualHost that I posted.
Now your site should just work with HTTP (80).

Then go and follow this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

This tutorial will show you how to set up a free TLS/SSL certificate from Let’s Encrypt on a Ubuntu 16.04 server running Apache as web server. TLS certificates are used within web servers to encrypt the traffic between server and client, providing extra security for users accessing your application.
Have another answer? Share your knowledge.