I’m trying to redirect cloud.mydomain.com from my main Apache instance running on a Raspberry Pi to a second Pi running NextCloudPi. I can get to the web interface at 192.168.1.200., but when accessing cloud.mydomain.com I’m getting the following message:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
The actual configuration on the main Pi is:
cloud.conf
<VirtualHost *:80>
ServerName cloud.mydomain.com
ServerAlias cloud
ProxyPass / http://192.168.1.200:80/
ProxyPassReverse / http://192.168.1.200:80/
ProxyPreserveHost On
ProxyPass /.well-known/acme/ !
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud [OR]
RewriteCond %{SERVER_NAME} =cloud.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
cloud-le-ssl.conf
<VirtualHost *:443>
ServerName cloud.mydomain.com
ServerAlias cloud
ProxyPass / http://192.168.1.200:443/
ProxyPassReverse / http://192.168.1.200:443/
ProxyPreserveHost On
ProxyPass /.well-known/acme/ !
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/cloud.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cloud.mydomain.com/privkey.pem
</VirtualHost>
Also (maybe related), if I try to run the letsencrypt wizard on the web interface, I get this error:
[ letsencrypt ] (Sat Feb 20 12:16:22 GMT 2021)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud.mydomain.com
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. cloud.mydomain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://cloud.mydomain.com/.well-known/acme-challenge/bPaBnmzn8Ef1hy9q3x0rK4VUxpGPKlGqZqLzomZ775g [91.116.161.160]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>400 Bad Request</title>\n</head><body>\n<h1>Bad Request</h1"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: cloud.mydomain.com
Type: unauthorized
Detail: Invalid response from
https://cloud.mydomain.com/.well-known/acme-challenge/bPaBnmzn8Ef1hy9q3x0rK4VUxpGPKlGqZqLzomZ775g
[91.116.161.160]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>400 Bad
Request</title>\n</head><body>\n<h1>Bad Request</h1"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.