let's encrypt standard force http to https isn't working

October 13, 2016 3.5k views
Let's Encrypt Apache WordPress Ubuntu
tariktj
By:
tariktj

Hallo all,
I've installed let's encrypt in my website, following the tutorail provided by DO. During the installtion Ive choose Standard Force to https.

Every thing works perfectly except that when I enter mysite.com I got an error.

I would like to redirect
http://, www. ===> https://mysite.com

I tried several solutions mentioned in the net, but unfortunalty nothing works

Below are the two configuration files created by let's encrypt 

<VirtualHost *:80>
        ServerAdmin user@localhost
        DocumentRoot /var/www/sub
        <Directory /var/www/sub/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
Include /etc/phpmyadmin/apache.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin user@localhost
        DocumentRoot /var/www/sub

        <Directory /var/www/sub/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/mysite.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName mysite.com
SSLCertificateChainFile /etc/letsencrypt/live/mysite.com/chain.pem
</VirtualHost>
Include /etc/phpmyadmin/apache.conf
</IfModule>

Any help is appreciated !!!!!

Log In to Comment
2 Answers
xMudrii October 13, 2016

I'm not Apache expert but this could be problem:

RewriteCond %{SERVER_NAME} =mysite.com

Maybe it is matching only mysite.com. You can try adding after

RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

This:

RewriteCond %{SERVER_NAME} =www.mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

So basically you would have:

RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
RewriteCond %{SERVER_NAME} =www.mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

After that make sure you restart Apache:

  • sudo systemctl restart apache2

I hope this solves it, but if is not, someone who knows it better will answer, or I would get another solution :)

Reply
  • tariktj October 13, 2016

    Hallo ,
    Ive tried your proposed solution but unfortunatly not Working

    • xMudrii October 13, 2016

      I badly understood question at first read. Sorry for that :( But maybe rewrite is not enabled.
      Try

      • sudo a2enmod rewrite

      Don't forget to restart Apache after it:

      • sudo systemctl restart apache2

      •
stephenf8305998592817f4a35 February 15, 2017

Hi tariktj, I had the same symptom and fixed it - this might not apply exactly if your server is different but here it is anyway...

My server is Ubuntu 16.04 and I followed this tutorial : https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

And I also selected the "force to HTTPS" (or whatever the phrasing on that dialog). What actually happened was letsencrypt (1) made the new conf file example.com-le-ssl.conf under /etc/sites-available (2) enabled the new file (equivalent to command sudo a2ensite example.com-le-ssl ) and (3) disabled the old file example.com.conf.

I thought (3) was a mistake because it put the rewrite lines in the original file and then disabled it. What I did was the following:

(a) replaced the rewrite lines in example.com.conf with a redirect - this is a better solution according to Apache (see for example https://wiki.apache.org/httpd/RedirectSSL)
(b) enabled the old conf file with command: nano a2ensite example.com.conf

Then after restarting apache (sudo service apache2 restart) it did forward correctly.

How To Secure Apache with Let's Encrypt on Ubuntu 16.04
by Erika Heidi
This tutorial will show you how to set up a free TLS/SSL certificate from Let’s Encrypt on a Ubuntu 16.04 server running Apache as web server. TLS certificates are used within web servers to encrypt the traffic between server and client, providing extra security for users accessing your application.
Reply
Have another answer? Share your knowledge.

Related Questions