Related

WordPRess Files Removed Now What To Do? Question Question
Problem installing wordpress on subdomain (nginx / ubuntu) Question Question

Question

let's encrypt standard force http to https isn't working

Posted October 13, 2016 5.7k views
UbuntuApacheWordPressLet's Encrypt

Hallo all,
I’ve installed let’s encrypt in my website, following the tutorail provided by DO. During the installtion Ive choose Standard Force to https.

Every thing works perfectly except that when I enter mysite.com I got an error.

I would like to redirect
http://, www. ===> https://mysite.com

I tried several solutions mentioned in the net, but unfortunalty nothing works

Below are the two configuration files created by let’s encrypt 

<VirtualHost *:80>
        ServerAdmin user@localhost
        DocumentRoot /var/www/sub
        <Directory /var/www/sub/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
Include /etc/phpmyadmin/apache.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin user@localhost
        DocumentRoot /var/www/sub

        <Directory /var/www/sub/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/mysite.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName mysite.com
SSLCertificateChainFile /etc/letsencrypt/live/mysite.com/chain.pem
</VirtualHost>
Include /etc/phpmyadmin/apache.conf
</IfModule>

Any help is appreciated !!!!!

Add a comment
tariktj
By:
tariktj
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
xMudrii October 13, 2016

I’m not Apache expert but this could be problem:

RewriteCond %{SERVER_NAME} =mysite.com

Maybe it is matching only mysite.com. You can try adding after

RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

This:

RewriteCond %{SERVER_NAME} =www.mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

So basically you would have:

RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
RewriteCond %{SERVER_NAME} =www.mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

After that make sure you restart Apache:

  • sudo systemctl restart apache2

I hope this solves it, but if is not, someone who knows it better will answer, or I would get another solution :)

Reply Report
stephenf8305998592817f4a35 February 15, 2017

Hi tariktj, I had the same symptom and fixed it - this might not apply exactly if your server is different but here it is anyway…

My server is Ubuntu 16.04 and I followed this tutorial : https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

And I also selected the “force to HTTPS” (or whatever the phrasing on that dialog). What actually happened was letsencrypt (1) made the new conf file example.com-le-ssl.conf under /etc/sites-available (2) enabled the new file (equivalent to command sudo a2ensite example.com-le-ssl ) and (3) disabled the old file example.com.conf.

I thought (3) was a mistake because it put the rewrite lines in the original file and then disabled it. What I did was the following:

(a) replaced the rewrite lines in example.com.conf with a redirect - this is a better solution according to Apache (see for example https://wiki.apache.org/httpd/RedirectSSL)
(b) enabled the old conf file with command: nano a2ensite example.com.conf

Then after restarting apache (sudo service apache2 restart) it did forward correctly.

How To Secure Apache with Let's Encrypt on Ubuntu 16.04
by Erika Heidi
This tutorial will show you how to set up a free TLS/SSL certificate from Let’s Encrypt on a Ubuntu 16.04 server running Apache as web server. TLS certificates are used within web servers to encrypt the traffic between server and client, providing extra security for users accessing your application.
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help