:/etc/apache2/sites-enabled$ ls -la /etc/apache2/sites-enabled/
total 12
drwxr-xr-x 2 root root 4096 Dec 19 11:01 .
drwxr-xr-x 8 root root 4096 Dec 19 10:43 …
-rw-r–r-- 1 root root 1024 Dec 19 08:21 .nextcloud.conf.swp
lrwxrwxrwx 1 root root 50 Dec 14 17:04 nextcloud-le-ssl.conf → /etc/apache2/sites-available/nextcloud-le-ssl.conf
Server name was “nextcloud” and in the https://“was my domain”,
i cange the server name to the domain aswell but i got the same problem
/etc/apache2/sites-enabled$ sudo apachectl configtest
Syntax OK
I’m usining ubuntu server
I don’t know if it’s helps but this is my VH conf:
VirtualHost configuration:
“IP”:80 “Domain” (/etc/apache2/sites-enabled/nextcloud-le-ssl.conf:2)
“IP”:443 “Domain” (/etc/apache2/sites-enabled/nextcloud-le-ssl.conf:14)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir=“/var/run/apache2/” mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33
Group: name=“www-data” id=33
gas85
December 19, 2019, 11:40am
23
Good, did you reload the config afterwars?
Can we try to do debugging in browser? We need to open debugging Network tool, for Firefox it is under Web Developer → Network (choice Persistent Logs):
Now we will be able to see what is redirected and where. On a screenshot above I goes to http to my server and it replays with 301 and redirected me to https://mydoamin.com (location in headers below the screenshot), then it is starting to loading with code 200. Basically this is what this config should do. Please open http connection to your server.
I did reload and restart the service few times yes.
As you can see it’s find nothing when the “Redirect permanent” is on.
When it’s off “#Redirect permanent”:
gas85
December 19, 2019, 2:01pm
25
Lets check logs, please check what is in your /var/log/apache2/access.log
and error.log
.
Also is first 301 pointing to your server URL with https?
I suppose something is wrong with your SSL module or openSSL, here is Gist how to setup it quickly
And I really wondering why you see Apache web page…
Is your nextcloud really under /var/www/html/nextcloud/
???
Please check your /etc/apache2/mods-enabled/dir.conf
, it should looks like this (index.php is on a first place):
<IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>
access.log:
172.69.130.101 - - [20/Dec/2019:00:05:05 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/Interface HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:05 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/WTF HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:05 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Documents HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:05 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Pictures HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:10 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/Interface HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:10 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/WTF HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:10 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Documents HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:10 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Pictures HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:15 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/Interface HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:15 +0000] "PROPFIND /remote.php/dav/files/nividan/World%20of%20warcraft/WTF HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:15 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Documents HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
172.69.130.101 - - [20/Dec/2019:00:05:15 +0000] "PROPFIND /remote.php/dav/files/nividan/Niv%20Pc/Pictures HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Windows) mirall/2.6.1stable-Win64 (build 20191105) (Nextcloud)"
error.log:
$
[Fri Dec 20 00:05:20.810208 2019] [core:info] [pid 20977] [client 172.69.130.101:25246] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
[Fri Dec 20 00:05:20.810221 2019] [core:debug] [pid 20977] protocol.c(1375): [client 172.69.130.101:25246] AH00567: request failed: error reading the headers
[Fri Dec 20 00:05:20.844208 2019] [core:debug] [pid 20975] protocol.c(1022): (28)No space left on device: [client 172.69.130.101:25284] Failed to read request header line Cookie: __cfduid=da2ba5eb34dfd8b754c3fc7de5c84db321576707635$
[Fri Dec 20 00:05:20.844312 2019] [core:info] [pid 20975] [client 172.69.130.101:25284] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
[Fri Dec 20 00:05:20.844328 2019] [core:debug] [pid 20975] protocol.c(1375): [client 172.69.130.101:25284] AH00567: request failed: error reading the headers
[Fri Dec 20 00:05:20.877213 2019] [core:debug] [pid 20976] protocol.c(1022): (28)No space left on device: [client 172.69.130.101:25298] Failed to read request header line Cookie: __cfduid=da2ba5eb34dfd8b754c3fc7de5c84db321576707635$
[Fri Dec 20 00:05:20.877316 2019] [core:info] [pid 20976] [client 172.69.130.101:25298] AH00561: Request header exceeds LimitRequestFieldSize: Cookieq
[Fri Dec 20 00:05:20.877327 2019] [core:debug] [pid 20976] protocol.c(1375): [client 172.69.130.101:25298] AH00567: request failed: error reading the headers
[Fri Dec 20 00:05:25.763660 2019] [core:debug] [pid 20978] protocol.c(1022): (28)No space left on device: [client 172.69.130.101:26982] Failed to read request header line Cookie: __cfduid=da2ba5eb34dfd8b754c3fc7de5c84db321576707635$
[Fri Dec 20 00:05:25.763823 2019] [core:info] [pid 20978] [client 172.69.130.101:26982] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
I am trying now to do the openssl.
But after i fix the defult page I an now getting:
Forbidden
You don’t have permission to access / on this server.
I tryid to take owner for www-data, I am now looking into it
eehmke
December 20, 2019, 7:53am
27
protocol.c(1022): (28)No space left on device
Seems your disk is full? Or the /var partition
1 Like
Yea, it’s been fix and wasent the problem.
I am prety sure this is somthing withe the nextcloud-le-ssl,
If i go back to nextcloud.conf all working fine (ofc it’s not https)
gas85
December 20, 2019, 8:26am
29
You see Apache Web page via HTTP only because we delete all Nexctloud settings from the HTTP server and configure redirect only.
If you want to use http at least as workaround for now, please change config as following:
<VirtualHost "IP":80>
ServerName nextcloud
ServerAdmin "admin@host"
DocumentRoot /var/www/html/nextcloud/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#Redirect permanent / https://"host"/
<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>
</VirtualHost>
<VirtualHost "IP":443>
ServerName nextcloud
ServerAdmin "admin@host"
DocumentRoot /var/www/html/nextcloud/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/"host"/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/"host"/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/"host"/chain.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
Header always set Referrer-Policy no-referrer
ErrorDocument 403 "Hmmmm... Looks it is not here xD:)"
</VirtualHost>
Can we check if all needed modules are enabled in apache? Run:
apache2ctl -M | sort
My output example (for HTTP2 enabled):
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ‘ServerName’ directive globally to suppress this message
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
core_module (static)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
headers_module (shared)
http2_module (shared)
http_module (static)
log_config_module (static)
logio_module (static)
mime_module (shared)
mpm_event_module (shared)
negotiation_module (shared)
proxy_fcgi_module (shared)
proxy_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
so_module (static)
socache_shmcb_module (shared)
ssl_module (shared)
status_module (shared)
unixd_module (static)
version_module (static)
watchdog_module (static)
Loaded Modules:
Again, ty for the time you put to help me
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
core_module (static)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
headers_module (shared)
http_module (static)
Loaded Modules:
log_config_module (static)
logio_module (static)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php7_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
so_module (static)
ssl_module (shared)
status_module (shared)
unixd_module (static)
version_module (static)
watchdog_module (static)
This is what i get when i cange the conf to what you link:
****@nivsrvubu:/etc/apache2/sites-available$ sudo service apache2 restart
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
****@nivsrvubu:/etc/apache2/sites-available$ sudo service apache2 status
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2019-12-20 09:25:37 UTC; 6s ago
Process: 33632 ExecStop=/usr/sbin/apachectl stop (code=exited, status=1/FAILURE)
Process: 31894 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Process: 33638 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
Main PID: 32611 (code=exited, status=0/SUCCESS)
Dec 20 09:25:36 nivsrvubu systemd[1]: Starting The Apache HTTP Server...
Dec 20 09:25:36 nivsrvubu apachectl[33638]: AH00526: Syntax error on line 38 of /etc/apache2/sites-enabled/nextcloud.conf:
Dec 20 09:25:36 nivsrvubu apachectl[33638]: SSLCertificateFile: file '/etc/letsencrypt/live/********/cert.pem' does not exist or is empty
Dec 20 09:25:36 nivsrvubu apachectl[33638]: Action 'start' failed.
Dec 20 09:25:36 nivsrvubu apachectl[33638]: The Apache error log may have more information.
Dec 20 09:25:37 nivsrvubu systemd[1]: apache2.service: Control process exited, code=exited status=1
Dec 20 09:25:37 nivsrvubu systemd[1]: apache2.service: Failed with result 'exit-code'.
Dec 20 09:25:37 nivsrvubu systemd[1]: Failed to start The Apache HTTP Server.
gas85
December 20, 2019, 9:53am
31
That strange why it works before… If you are using Let’s Encrypt Certificate via e.g. Certbot or Acme.sh , it should be there.
Where did you get Certificate?
Is this self signed Certificate, or from Let’s Encrypt?
Where it is stored?
Basically you need at least 2 files Certificate and Private key.
Could you please check what is in this folder?
ls -la /etc/letsencrypt/live/DOMAIN
#OR to see all
ls -laR /etc/letsencrypt/live/
My output example
# ls -laR /etc/letsencrypt/live/
/etc/letsencrypt/live/:
total 20
drwx------ 5 root root 4096 Nov 25 10:41 .
drwxr-xr-x 9 root root 4096 Dec 20 06:24 ..
drwxr-xr-x 2 root root 4096 Nov 25 10:41 Domain1
drwxr-xr-x 2 root root 4096 Jul 8 07:20 Domain2
drwxr-xr-x 2 root root 4096 Dec 5 15:29 Domain2-0001
/etc/letsencrypt/live/Domain1:
total 12
drwxr-xr-x 2 root root 4096 Nov 25 10:41 .
drwx------ 5 root root 4096 Nov 25 10:41 ..
-rw-r--r-- 1 root root 682 Nov 25 10:41 README
lrwxrwxrwx 1 root root 52 Nov 25 10:41 cert.pem -> ../../archive/Domain1/cert1.pem
lrwxrwxrwx 1 root root 53 Nov 25 10:41 chain.pem -> ../../archive/Domain1/chain1.pem
lrwxrwxrwx 1 root root 57 Nov 25 10:41 fullchain.pem -> ../../archive/Domain1/fullchain1.pem
lrwxrwxrwx 1 root root 55 Nov 25 10:41 privkey.pem -> ../../archive/Domain1/privkey1.pem
/etc/letsencrypt/live/Domain2:
total 12
drwxr-xr-x 2 root root 4096 Jul 8 07:20 .
drwx------ 5 root root 4096 Nov 25 10:41 ..
-rw-r--r-- 1 root root 543 Jul 13 2017 README
lrwxrwxrwx 1 root root 39 Jul 8 07:20 cert.pem -> ../../archive/Domain2/cert13.pem
lrwxrwxrwx 1 root root 40 Jul 8 07:20 chain.pem -> ../../archive/Domain2/chain13.pem
lrwxrwxrwx 1 root root 44 Jul 8 07:20 fullchain.pem -> ../../archive/Domain2/fullchain13.pem
lrwxrwxrwx 1 root root 42 Jul 8 07:20 privkey.pem -> ../../archive/Domain2/privkey13.pem
/etc/letsencrypt/live/Domain2-0001:
total 12
drwxr-xr-x 2 root root 4096 Dec 5 15:29 .
drwx------ 5 root root 4096 Nov 25 10:41 ..
-rw-r--r-- 1 root root 543 Oct 6 14:22 README
lrwxrwxrwx 1 root root 43 Dec 5 15:29 cert.pem -> ../../archive/Domain2-0001/cert2.pem
lrwxrwxrwx 1 root root 44 Dec 5 15:29 chain.pem -> ../../archive/Domain2-0001/chain2.pem
lrwxrwxrwx 1 root root 48 Dec 5 15:29 fullchain.pem -> ../../archive/Domain2-0001/fullchain2.pem
lrwxrwxrwx 1 root root 46 Dec 5 15:29 privkey.pem -> ../../archive/Domain2-0001/privkey2.p
P.S. You can check if config is valid without restarting the server via command:
apachectl configtest
Hellom,
Where did you get Certificate?:
I use the guide from this video: “https://www.youtube.com/watch?v=7Bo78eDEy7g&feature=emb_logo ”
This is the original command:
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-apache
sudo certbot --apache -d example.com
Is this self signed Certificate, or from Let’s Encrypt?:
This is not self signed Certificate as far as I got it.
Where it is stored?:
/etc/letsencrypt/live/DOMAIN
Could you please check what is in this folder?:
/etc/letsencrypt/live/:
total 12
drwx------ 3 root root 4096 Dec 16 19:32 .
drwxr-xr-x 9 root root 4096 Dec 20 09:43 ..
drwxr-xr-x 2 root root 4096 Dec 20 09:43 "Host"
/etc/letsencrypt/live/"Host":
total 16
drwxr-xr-x 2 root root 4096 Dec 20 09:43 .
drwx------ 3 root root 4096 Dec 16 19:32 ..
lrwxrwxrwx 1 root root 41 Dec 20 09:43 cert.pem -> ../../archive/"Host"/cert4.pem
lrwxrwxrwx 1 root root 42 Dec 20 09:43 chain.pem -> ../../archive/"Host"chain4.pem
lrwxrwxrwx 1 root root 46 Dec 20 09:43 fullchain.pem -> ../../archive/"Host"fullchain4.pem
lrwxrwxrwx 1 root root 44 Dec 20 09:43 privkey.pem -> ../../archive/"Host"/privkey4.pem
-rw-r--r-- 1 root root 682 Dec 16 19:32 README
-rw-r--r-- 1 root root 1024 Dec 19 08:54 .readme.swp
gas85
December 20, 2019, 11:04am
33
Could you please copy path to the certificate from the apache2 config and use it in following command:
openssl x509 -in PathFromApacheTo/cert.pem -text -noout
This will show you information about Certificate, could be that you did typo in a path or Certificate pointing to the wrong file.
Output example is:
openssl x509 -in /etc/letsencrypt/live/YOUR.DOMAIN/cert.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a7:f7:83:b7:ef:57:ef:be:66:9e:27:1f:2a:0f:75:a3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
Validity
Not Before: Dec 5 13:29:30 2019 GMT
Not After : Mar 4 13:29:30 2020 GMT
Subject: CN = YOUR.DOMAIN
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
I just found that config is a bit outdated in this forum since time, please use this part instead with fullchain and private key:
SSLCertificateFile /etc/letsencrypt/live/YOUR.DOMAIN/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/YOUR.DOMAIN/privkey.pem
my mistake
It’s seems thet I got a problem withe the certificate, i need to try to make new or somthing.
I tryed to fix it my self so you have few lines of error here
I’m thinking abot “redo” everything but i don’t want to give up! xD
error.log:
[Fri Dec 20 11:20:12.331307 2019] [ssl:info] [pid 36045] AH01914: Configuring server nextcloud:443 for SSL protocol
[Fri Dec 20 11:20:12.331319 2019] [ssl:debug] [pid 36045] ssl_engine_init.c(1708): AH10083: Init: (nextcloud:443) mod_md support is unavailable.
[Fri Dec 20 11:20:12.331643 2019] [ssl:debug] [pid 36045] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling
[Fri Dec 20 11:20:12.331675 2019] [ssl:debug] [pid 36045] ssl_util_stapling.c(868): AH01960: OCSP stapling initialized
[Fri Dec 20 11:20:12.332047 2019] [ssl:debug] [pid 36045] ssl_util_ssl.c(476): AH02412: [nextcloud:443] Cert does not match for name 'nextcloud' [subject: CN=*******/ issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=U$
[Fri Dec 20 11:20:12.332066 2019] [ssl:warn] [pid 36045] AH01909: nextcloud:443:0 server certificate does NOT include an ID which matches the server name
[Fri Dec 20 11:20:12.332074 2019] [ssl:info] [pid 36045] AH02568: Certificate and private key nextcloud:443:0 configured from /etc/letsencrypt/live/********/cert.pem and /etc/letsencrypt/live/*******/privkey.pem
[Fri Dec 20 11:20:12.332390 2019] [ssl:info] [pid 36045] AH02576: Attempting to load encrypted (?) private key nextcloud:443:1
[Fri Dec 20 11:20:12.332525 2019] [ssl:error] [pid 36045] AH02579: Init: Private key not found
[Fri Dec 20 11:20:12.332548 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:20:12.332567 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Fri Dec 20 11:20:12.332587 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:20:12.332626 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSAPrivateKey)
[Fri Dec 20 11:20:12.332644 2019] [ssl:error] [pid 36045] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Fri Dec 20 11:20:12.332657 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:20:12.332672 2019] [ssl:error] [pid 36045] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Fri Dec 20 11:20:12.332682 2019] [ssl:emerg] [pid 36045] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Fri Dec 20 11:20:12.332690 2019] [ssl:emerg] [pid 36045] AH02564: Failed to configure encrypted (?) private key nextcloud:443:1, check /etc/letsencrypt/live/*******/fullchain.pem
AH00016: Configuration Failed
[Fri Dec 20 11:31:48.186362 2019] [ssl:info] [pid 36239] AH01887: Init: Initializing (virtual) servers for SSL
[Fri Dec 20 11:31:48.186447 2019] [ssl:info] [pid 36239] AH01914: Configuring server *******:443 for SSL protocol
[Fri Dec 20 11:31:48.186457 2019] [ssl:debug] [pid 36239] ssl_engine_init.c(1708): AH10083: Init: (*******:443) mod_md support is unavailable.
[Fri Dec 20 11:31:48.186777 2019] [ssl:debug] [pid 36239] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling
[Fri Dec 20 11:31:48.186805 2019] [ssl:debug] [pid 36239] ssl_util_stapling.c(868): AH01960: OCSP stapling initialized
[Fri Dec 20 11:31:48.187135 2019] [ssl:debug] [pid 36239] ssl_util_ssl.c(476): AH02412: [*******:443] Cert matches for name '*******' [subject: CN=*******/ issuer: CN=Let's Encrypt Authority X3,O=Let's En$
[Fri Dec 20 11:31:48.187150 2019] [ssl:info] [pid 36239] AH02568: Certificate and private key *******:443:0 configured from /etc/letsencrypt/live/c*******/cert.pem and /etc/letsencrypt/live/c*******/privkey.$
[Fri Dec 20 11:31:48.187432 2019] [ssl:info] [pid 36239] AH02576: Attempting to load encrypted (?) private key *******:443:1
[Fri Dec 20 11:31:48.187565 2019] [ssl:error] [pid 36239] AH02579: Init: Private key not found
[Fri Dec 20 11:31:48.187588 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:31:48.187607 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Fri Dec 20 11:31:48.187622 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:31:48.187638 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSAPrivateKey)
[Fri Dec 20 11:31:48.187653 2019] [ssl:error] [pid 36239] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Fri Dec 20 11:31:48.187667 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Fri Dec 20 11:31:48.187682 2019] [ssl:error] [pid 36239] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Fri Dec 20 11:31:48.187692 2019] [ssl:emerg] [pid 36239] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Fri Dec 20 11:31:48.187701 2019] [ssl:emerg] [pid 36239] AH02564: Failed to configure encrypted (?) private key *******:443:1, check /etc/letsencrypt/live/*******fullchain.pem
from here I tryed to go over thie guide:
https://help.ubuntu.com/lts/serverguide/certificates-and-security.html#generating-a-csr
To create new server and priver keys
AH00016: Configuration Failed
[Fri Dec 20 11:48:57.003526 2019] [ssl:info] [pid 36763] AH01887: Init: Initializing (virtual) servers for SSL
[Fri Dec 20 11:48:57.003601 2019] [ssl:info] [pid 36763] AH01914: Configuring server *******:443 for SSL protocol
[Fri Dec 20 11:48:57.003624 2019] [ssl:debug] [pid 36763] ssl_engine_init.c(1708): AH10083: Init: (*******:443) mod_md support is unavailable.
[Fri Dec 20 11:48:57.003927 2019] [ssl:debug] [pid 36763] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling
[Fri Dec 20 11:48:57.003958 2019] [ssl:debug] [pid 36763] ssl_util_stapling.c(868): AH01960: OCSP stapling initialized
[Fri Dec 20 11:48:57.004038 2019] [ssl:emerg] [pid 36763] AH02562: Failed to configure certificate*******:443:0 (with chain), check /etc/ssl/certs/*******.csr
[Fri Dec 20 11:48:57.004066 2019] [ssl:emerg] [pid 36763] SSL Library Error: error:0909006C:PEM routines:get_name:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKe$
[Fri Dec 20 11:48:57.004088 2019] [ssl:emerg] [pid 36763] SSL Library Error: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib
AH00016: Configuration Failed
[Fri Dec 20 11:52:41.489310 2019] [ssl:info] [pid 1954] AH01887: Init: Initializing (virtual) servers for SSL
[Fri Dec 20 11:52:41.490343 2019] [ssl:info] [pid 1954] AH01914: Configuring server *******:443 for SSL protocol
[Fri Dec 20 11:52:41.490358 2019] [ssl:debug] [pid 1954] ssl_engine_init.c(1708): AH10083: Init: (*******:443) mod_md support is unavailable.
[Fri Dec 20 11:52:41.500104 2019] [ssl:debug] [pid 1954] ssl_engine_init.c(479): AH01893: Configuring TLS extension handling
[Fri Dec 20 11:52:41.500170 2019] [ssl:debug] [pid 1954] ssl_util_stapling.c(868): AH01960: OCSP stapling initialized
[Fri Dec 20 11:52:41.500846 2019] [ssl:emerg] [pid 1954] AH02562: Failed to configure certificate *******:443:0 (with chain), check /etc/ssl/certs/c*******.csr
[Fri Dec 20 11:52:41.500883 2019] [ssl:emerg] [pid 1954] SSL Library Error: error:0909006C:PEM routines:get_name:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKey$
[Fri Dec 20 11:52:41.500905 2019] [ssl:emerg] [pid 1954] SSL Library Error: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib
AH00016: Configuration Failed
EDIT:
I fix the problem with the key,
Now this is were we at:
IF “#Redirect permanent / https://“Host”/”
I can get to the http site very good.
IF “Redirect permanent / https://“Host”/”
ERR_TOO_MANY_REDIRECTS
This is my error.log:
[Fri Dec 20 12:35:41.042102 2019] [core:info] [pid 3729] [client 172.69.130.11:40318] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
[Fri Dec 20 12:35:41.042118 2019] [core:debug] [pid 3729] protocol.c(1375): [client 172.69.130.11:40318] AH00567: request failed: error reading the headers
[Fri Dec 20 12:35:41.076539 2019] [core:debug] [pid 3742] protocol.c(1022): (28)No space left on device: [client 172.69.130.11:41400] Failed to read request header line Cookie: __cfduid=da2ba5eb34dfd8b754c3fc7de5c84db321576707635; oc_s$
[Fri Dec 20 12:35:41.076682 2019] [core:info] [pid 3742] [client 172.69.130.11:41400] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
[Fri Dec 20 12:35:41.076693 2019] [core:debug] [pid 3742] protocol.c(1375): [client 172.69.130.11:41400] AH00567: request failed: error reading the headers
[Fri Dec 20 12:35:41.110912 2019] [core:debug] [pid 3728] protocol.c(1022): (28)No space left on device: [client 172.69.130.11:40256] Failed to read request header line Cookie: __cfduid=da2ba5eb34dfd8b754c3fc7de5c84db321576707635; oc_s$
[Fri Dec 20 12:35:41.110998 2019] [core:info] [pid 3728] [client 172.69.130.11:40256] AH00561: Request header exceeds LimitRequestFieldSize: Cookie
Any thing else you can think of before i restart everyting and going from the start?
https://“IP”= going to defult apache2 page
http://“IP”= going to webgui
https://“Domain” = going to webgui not secure
http://“Domain” = going to webgui
gas85
December 28, 2019, 8:20am
37
Basically something is wrong with your Certificates, could you try to create new one?
I think with certbot is is something like
sudo certbot --force-renewal
I already reset the system and make it from scratch, now it’s working but i got another problem now.
Hello all,
I got a problem for 2 days and I can’t fine any fix online.
I can upload 20M file with no problem but if i try to upload few folders (MAX 10M) i get errors.
When i try to upload files i get the error:
[no app in context] Error: Sabre\DAV\Exception\BadRequest: Expected filesize of 68017 bytes but read (from Nextcloud client) and wrote (to Nextcloud storage) 57344 bytes. Could either be a network problem on the sending side or a problem writing to the storage on the server side. at <…