Question

What is the next step after setting up Let's Encrypt SSL on DigitalOcean's Dashboard

Posted May 27, 2020 181 views
Apache

Hi,

I have followed this tutorial:
https://www.digitalocean.com/docs/accounts/security/certificates/

and created a new Let’s Encrypt certificate on DigitalOcean’s dashboard.

During the creation, in addition to my domain name and its www. version, I added 4 more subdomains. The creation seems successful.

However, when I go to one of my subdomain, where my web app is running on, I can access it using HTTP, but NOT HTTPS.

I am wondering if I have missed a step or two that I should’ve done after creating the certificate on the dashboard. Note that it doesn’t exist on the tutorial, so I assumed that’s all I need (Loving it though, since it was so simple and easy).

A bit more info:

  • My domain will be redirected to Squarespace.
  • All my subdomains are connected to their corresponding Droplets (3 droplets used here).
  • For my web app I am using Apache and already set-up a simple VirtualHost file to have the app hosted at port 80.

Thanks in advance.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Hi @ehuang,

It seems to me that you haven’t enabled/created an HTTPS virtual host for your domains on the Droplet itself. There are two easy ways that we can follow in order for this to happen.

The first way would be for you to configure your HTTPS virtual configuration files for your domains on the droplet.

The second one is using the service certbot on your Droplet which will automatically, install LE and configure your virtual host files.

We’ll review both so that you can continue with whichever you like. The first way is a bit harder than the second one, it requires some small knowledge of the terminal. The good thing is DigitalOcean has a really good tutorial about the said process of creating your own virtual host files here

https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-18-04-quickstart

This tutorial will guide you through setting up multiple domains and websites using Apache virtual hosts on an Ubuntu 18.04 server. During this process, you’ll learn how to serve different content to different visitors depending on which domains they are requesting.

Now to the second way, again DigitalOcean has a really good tutorial which you can follow and lead you to the desired outcome :

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

This tutorial will use a separate Apache virtual host file instead of the default configuration file and will more or less the 50% of work automatically.

Regards,
KDSys

by Kathleen Juell
by Erika Heidi
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Ubuntu 18.04 and set up your certificate to renew automatically.
  • Hey @KDSys

    Thanks for your reply.

    Some questions,

    1. does either of the above methods follow the tutorial in the link about “certificates” in my original post? I can’t tell and it looks like I would need to set-up SSL from scratch again.
    2. the tutorial you mentioned about HTTPS virtual configurations; I can’t seem to find the related section about HTTPS or SSL.

    Thanks again.

    ehuang

    • I see you were able to resolve the issue! I’m happy to hear the tutorial was able to help you resolve the issue.

I got it working!

Just to write something here to summarize my experience.

Correct me if I am wrong, thanks.

I later figured out that just following the tutorial in the link in my original post is not enough. Maybe it was only enough to set up SSL for my main domain (just a web app hosted on Squarespace, no server, nothing more).

For my subdomains, I would need to dive into the Droplet itself and set up the SSL directly there (remote with SSH).

I also noticed that, the 2 links you posted, should be performed in sequential order, rather than “pick either one”.

Since I already have the 1st step (setting up virtual host done), I just need to do the second step. Certbot was great and absolutely no problem for me as I followed the step sin the tutorial of your second link.

Thanks again.

ehuang

Submit an Answer