HTTPS doesn't work

TheFstX · April 3, 2018, 6:19am

Good morning

I have a big problem with Letsencrypt and the HTTPS redirection. They doesn’t work.

000-default.conf

<VirtualHost *:80>
   ServerAdmin sascha@localhost

   RewriteEngine on
   RewriteCond %{HTTPS} off
   RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
#  RewriteCond %{SERVER_NAME} =nextcloud.xxxxxx.at
#  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

000-default-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName nextcloud.xxxxxx.at
SSLCertificateFile /etc/letsencrypt/live/nextcloud.sptech.at/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nextcloud.sptech.at/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

default-ssl.conf

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin webmaster@localhost
                DocumentRoot /var/www/html

                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined

                #   SSL Engine Switch:
                #   Enable/Disable SSL for this virtual host.
                SSLEngine on

                SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
                SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>

        </VirtualHost>
</IfModule>

Can someone tell me what I did wrong? I use Letsencrypt as certificate. The certificate works.

To create the certificate I used the following command:
./letsencrypt-auto -d nextcloud.xxxxxx.at --redirect --apache -m my_email_address

When I type my url without https I get only an error like this

STrike · April 3, 2018, 6:32am

Did you activated port forwarding for SSL (https)?

TheFstX · April 3, 2018, 6:35am

On my Fritz!Box I activated portforwarding. With OpenSSL it worked, but with Letsencrypt it doesn’t. I used this HowTo https://tutorials-raspberrypi.de/raspberry-pi-ssl-zertifikat-kostenlos-mit-lets-encrypt-erstellen/

STrike · April 3, 2018, 6:51am

I suggest to use another client which install the letsencrypt. I dont find any publish time of your article, but its not so old, but as I think too old, since the Website of letsencrypt itself suggest to use certbot instead of a github project:

I’m using also certbot for letsencrypt and its working on my pi.
I don’t know which os you use, but try this for jessie:

sudo apt-get update
sudo apt-get install certbot -t jessie-backports -y --force-yes

TheFstX · April 3, 2018, 6:59am

Sorry, i use Raspbian Stretch Lite! Is it necessary to delete or deinstall the GIThub installaion and all Letsencrypt configuration?

STrike · April 3, 2018, 7:10am

I use the same image:

(Its jessie)

Only restore the Virtual host files (letsencryt configuration). I think its only your 000-default-le-ssl.conf.
I offer you my personal help. Just pm me (or irc) and we solve it quick, if your problems will stay.

TheFstX · April 3, 2018, 7:43am

I need to delete the 000-default-le-ssl.conf and restore the original 000-default.conf? I also need to delete the letsencrypt folder??

STrike · April 3, 2018, 12:16pm

Yes, remove letsencrypt folder. And --purge apache2 and reinstall it then