Installed LetsEncrypt and redirects to https work but web pages are no longer reachable

Question

I installed Let’s Encrypt per the following tutorial:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

Works to require a redirect to https but I can no longer reach the index.html web page or any other page on the site. I deleted the lines added by let’s encrypt to the .conf file for my site and now the site is reachable. I was trying to setup a password protection of the site per the following tutorial:

https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-16-04

But instead of receiving a prompt for a username and password, I just received the following message in Google Chrome (and also could not reach pages in IE):

Not Found

The requested URL / was not found on this server.

Apache/2.4.18 (Ubuntu) Server at mysitename.com Port 443

the “mysitename.com” is just edited to not include my actual domain.

Any suggestions will be appreciated.

Flamber Hansen · Accepted Answer

@redsteamsoftware

The Let’s Encrypt install shouldn’t mess with the listeners, but if the configuration was a bit off to begin with, then the wizard sometimes does strange things.

Run this command to list which configuration files Apache is using:

sudo apache2ctl -S

And then post each configuration file it lists and /etc/apache2/apache.conf

kkkn · Answer

Hi all,I have been reading through a lottttttt of publications and I can’t find my answer yet.I’m running ubuntu 18.0 and nginxMy server was running before installing certbot in http://IP :Portand now none of them are working http neither https. Please!!! Help!!

intalix · Answer

I found a solution via LetsEncrypt forum.

If you’re having issue with Wordpress not displaying content and a page looks broken after you’ve run CertBot and installed SSL and now via https:// you got a broken page here’s a solution:

Go to Word Press admin panel
Go to Settings–>General WordPress Address (URL) and Site Address (URL) change a value from your machine’s IP address to your website URL, for example:

old value
124.22.11.22

change it to: www.mysite.com

intalix · Answer

I didn’t see what you guys changed to get solution. In my caseL I got it all installed. but now it serves broken page. Any idea what’s wrong?

maximal · Answer

I´m having a similar problem to the op, but my DocumentRoot´s are correct in the generated configuration files. I did enable ssl with a2enmod ssl and it also told me it´s already enabled. Everything works fine with http, but with https nothing is reachable. The domain in the configs below I replaced with example.at. The first site is just a dummy index.html with one h1 tag, the other one well gitlab. As said both work fine without https. I don´t have ufw installed (might do that later once it works like this). The os is ubuntu 16.04.

example.at.conf

<VirtualHost *:80>
        ServerName example.at
        ServerAlias www.example.at
        ServerSignature Off
        DocumentRoot /var/www/html
</VirtualHost>

Generated by certbot example.at-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName example.at
        ServerAlias www.example.at
        ServerSignature Off
        DocumentRoot /var/www/html

        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/example.at/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example.at/privkey.pem
</VirtualHost>
</IfModule>

gitlab.example.conf

<VirtualHost *:80>
  ServerName gitlab.example.at
  ServerSignature Off
  ProxyPreserveHost On
  AllowEncodedSlashes NoDecode
  <Location />
    Require all granted
    ProxyPassReverse http://127.0.0.1:8080
    ProxyPassReverse http://gitlab.example.at/
  </Location>
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
  RewriteEngine on
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  /var/log/apache2/gitlab_error.log
  CustomLog /var/log/apache2/gitlab_forwarded.log common_forwarded
  CustomLog /var/log/apache2/gitlab_access.log combined env=!dontlog
  CustomLog /var/log/apache2/gitlab.log combined
</VirtualHost>

Generated by certbot gitlab.example.at-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName gitlab.example.at
  ServerSignature Off
  ProxyPreserveHost On
  AllowEncodedSlashes NoDecode
  <Location />
    Require all granted
    ProxyPassReverse http://127.0.0.1:8080
    ProxyPassReverse http://gitlab.example.at/
  </Location>
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
  RewriteEngine on
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  /var/log/apache2/gitlab_error.log
  CustomLog /var/log/apache2/gitlab_forwarded.log common_forwarded
  CustomLog /var/log/apache2/gitlab_access.log combined env=!dontlog
  CustomLog /var/log/apache2/gitlab.log combined
SSLCertificateFile /etc/letsencrypt/live/gitlab.example.at/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.example.at/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Output of sudo apache2ctl -S

*:443                  is a NameVirtualHost
         default server gitlab.example.at (/etc/apache2/sites-enabled/gitlab.example.at-le-ssl.conf:2)
         port 443 namevhost gitlab.example.at (/etc/apache2/sites-enabled/gitlab.example.at-le-ssl.conf:2)
         port 443 namevhost example.at (/etc/apache2/sites-enabled/example.at-le-ssl.conf:2)
                 alias www.example.at
*:80                   is a NameVirtualHost
         default server gitlab.example.at (/etc/apache2/sites-enabled/gitlab.example.at.conf:1)
         port 80 namevhost gitlab.example.at (/etc/apache2/sites-enabled/gitlab.example.at.conf:1)
         port 80 namevhost example.at (/etc/apache2/sites-enabled/example.at.conf:1)
                 alias www.example.at
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

When running netstat -plnt it also sais apache is listening on port 443 and 80

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      17355/apache2
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      17355/apache2

Flamber Hansen · Answer

@redsteamsoftware

But the line you’ve posted says that Apache is only listening on 443 with IPv6. Use the </> button in the comment editor to insert console output, which doesn’t lose it’s formatting.

Flamber Hansen · Answer

Hi @redsteamsoftware

Did you check if HTTPS worked before redirecting? If not, then it could just be your firewall.

sudo ufw status

But without seeing your VirtualHost configurations (both), then it’s difficult to know the exact problem. Post them and hide your domain if you don’t want to share it.

Related

Question

Installed LetsEncrypt and redirects to https work but web pages are no longer reachable

Related