Question

HTTPS Returns 500 Internal Server Error While HTTP Does Not?

I’ve been trying to get SSL running on my domain (thebashfeed.com) for a few days. I believe I have Apache set up properly and installed Lets Encrypt using DO’s official tutorial. The site is accessible from http:// but not from https://. In fact, when you lead the domain with https:// it returns an internal server error with the following verbiage:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log. **

Here is my server’s Apache error log:**

[Fri Feb 24 19:25:11.151229 2017] [mpm_prefork:notice] [pid 30408] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.21 OpenSSL/1.0.1f configured – resuming normal operations [Fri Feb 24 19:25:11.151330 2017] [core:notice] [pid 30408] AH00094: Command line: ‘/usr/sbin/apache2’ libpng warning: Incorrect sBIT chunk length libpng warning: Incorrect sBIT chunk length [Fri Feb 24 20:49:50.636080 2017] [mpm_prefork:notice] [pid 30408] AH00169: caught SIGTERM, shutting down [Fri Feb 24 20:49:51.460157 2017] [mpm_prefork:notice] [pid 30887] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.21 OpenSSL/1.0.1f configured – resuming normal operations [Fri Feb 24 20:49:51.460250 2017] [core:notice] [pid 30887] AH00094: Command line: ‘/usr/sbin/apache2’ [Fri Feb 24 21:00:11.496576 2017] [mpm_prefork:notice] [pid 30887] AH00169: caught SIGTERM, shutting down [Fri Feb 24 21:15:00.327000 2017] [mpm_prefork:notice] [pid 31444] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.21 OpenSSL/1.0.1f configured – resuming normal operations [Fri Feb 24 21:15:00.327157 2017] [core:notice] [pid 31444] AH00094: Command line: ‘/usr/sbin/apache2’

If you can help me understand what needs to be done I would greatly appreciate it.

Thank in advance.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

@bashfeedbusiness

In regards to Apache, if you’re still having an issue with Apache + SSL, I just posted recent configs for LetsEncrypt, which I’ve outlined below for comparison.

/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ServerName domain.com
        ServerAlias www.domain.com

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        RewriteEngine on
        RewriteCond %{SERVER_NAME} =domain.com [OR]
        RewriteCond %{SERVER_NAME} =www.domain.com
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

/etc/apache2/sites-available/000-default-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ServerName domain.com
        ServerAlias www.domain.com

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

/var/www/html/.htaccess
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Of course, in the above, domain.com should be replaced with your actual domain name. These are stock, and should work for any domain that has a valid SSL Certificate from LetsEncrypt w/ WP.

These are from ./sites-available and are symlinked to ./sites-enabled by default (which was done by LE when the service was ran).

The line in /etc/apache2/apache2.conf that controls pulling from ./sites-enabled is:

IncludeOptional sites-enabled/*.conf

So you could very well change that to better suit your own needs, or to just include a single site. For example, I could modify that to:

IncludeOptional sites-available/000-default.conf
IncludeOptional sites-available/000-default-le-ssl.conf

And in those files, I’d use the configuration I posted above, then restart apache2.

service apache2 restart

And that should get things in working order for you. You don’t have to use those two directories. I rarely do as I rather dislike having to use symlinks for configuration. I’d much rather it be located in a central directory and simply use mv or cp to get files where they need to be as symlinks can be finicky from time to time.

@bashfeedbusiness

Correct. Those files will be recreated once you start/restart MySQL and will then take on the size that is set in the newer configuration, which should prevent that error from popping back up.

If MySQL still fails to start, please tail -50 the log file and post back and we’ll take another look.

@bashfeedbusiness

No problem at all, glad to help! Let me know how things go.