
We are using Apache on an Ubuntu server to host our websites. SSL certificates are provided by LetsEncrypt and everything worked fine for the last years.

Last Friday I tried to renew one of the certificates and it didn't work. The .well-known/acme-challenge folders are not created. I tried several things in the last days and it's even worse now: We have a main domain domain1.de and a second domain domain2.com. domain1.de works fine with SSL. domain2.com always shows the domain1.de site now.

Configuration files are for domain1.de:

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName domain1.de
ServerAlias www.domain1.de
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

and SSL:

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost
    ServerName domain1.de
    ServerAlias www2.domain1.de
    
    DocumentRoot /var/www/html

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    
    SSLEngine on
    SSLCertificateFile      /etc/letsencrypt/live/www2.domain1.de/cert.pem
    SSLCertificateKeyFile   /etc/letsencrypt/live/www2.domain1.de/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/www2.domain1.de/fullchain.pem
    
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
         SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>
</VirtualHost>
</IfModule>

Configuration files are for domain2.com:

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName domain2.com
ServerAlias www.domain2.com
DocumentRoot /var/www/domain2.com
ErrorLog ${APACHE_LOG_DIR}/error_journalsuite_com.log
CustomLog ${APACHE_LOG_DIR}/access_journalsuite_com.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =domain2.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

apachectl -S output:

root@domain1new /var/www/domain2.com # apachectl -S
VirtualHost configuration:
*:443                  domain1.de (/etc/apache2/sites-enabled/domain1.de-ssl.conf:2)
*:80                   is a NameVirtualHost
         default server domain1.de (/etc/apache2/sites-enabled/domain1.de.conf:1)
         port 80 namevhost domain1.de (/etc/apache2/sites-enabled/domain1.de.conf:1)
                 alias www2.domain1.de
         port 80 namevhost domain2.com (/etc/apache2/sites-enabled/domain2.com.conf:1)
                 alias www.domain2.com
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

I spent some time searching here and on other sites and I'm lost at the moment. Any tips or ideas?

Thanks

  • You don't have port 443 configuration for domain2.com.
    – AlexD
    Commented Jan 25 at 7:15
  • Yes - but I can't access domain2.com via http and port 80. I tried wget journalsuite.com --no-check-certificate from a different system and I get the start page from domain1.de and not the start page from domain2.com.
    Commented Jan 25 at 9:10
  • You have a redirect to https in the domain2 but there is no https server block active for that domain. Check the logs but it will probably not respond because the https redirect can't be done. Check the logs for that. Or maybe apachectl configtest shows it
    – Turdie
    Commented Jan 26 at 0:47

1 Answer


You are missing the configuration for HTTPS port 443 for domain2.com. HTTP on port 80 works. If you test it with curl -v http://domain2.com you'll see that it is working but redirecting to https://domain2.com (as per your RewriteRule), which doesn't have a proper configuration and uses the default VirtualHost _default_:443 for domain domain1.de. If you check with curl -v -k https://domain2.com you'll see that it presents a TLS certificate for domain1.de and does a 301 redirect to https://www2.domain1.de/.

To solve your issue you need to create <VirtualHost *:443> with ServerName domain2.com and appropriate SSLEngine config settings.
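
The fall-through described in this answer can be checked mechanically. The following is an added example, not part of the original answer: it parses `apachectl -S` output and reports each port-80 ServerName that has no port-443 vhost, together with the default 443 vhost that will answer (and present its certificate) instead. The function names are hypothetical, the sample is the vhost part of the output quoted in the question, and one listener address per port is assumed.

```python
import re
import sys

# Vhost part of the `apachectl -S` output quoted in the question.
SAMPLE = """\
VirtualHost configuration:
*:443                  domain1.de (/etc/apache2/sites-enabled/domain1.de-ssl.conf:2)
*:80                   is a NameVirtualHost
         default server domain1.de (/etc/apache2/sites-enabled/domain1.de.conf:1)
         port 80 namevhost domain1.de (/etc/apache2/sites-enabled/domain1.de.conf:1)
                 alias www2.domain1.de
         port 80 namevhost domain2.com (/etc/apache2/sites-enabled/domain2.com.conf:1)
                 alias www.domain2.com
ServerRoot: "/etc/apache2"
"""

SINGLE = re.compile(r"^\S+:(\d+)\s+(\S+) \(")              # one vhost on the address
HEADER = re.compile(r"^\S+:(\d+)\s+is a NameVirtualHost")  # several vhosts follow
DEFAULT = re.compile(r"^\s+default server (\S+) \(")
NAMED = re.compile(r"^\s+port (\d+) namevhost (\S+) \(")

def parse_vhosts(text):
    """Return {port: {"default": ServerName, "names": {ServerName, ...}}}.
    Alias lines are skipped: the single-vhost form does not print them,
    so comparing aliases across ports would give false positives."""
    ports, current = {}, None
    for line in text.splitlines():
        if m := SINGLE.match(line):
            ports[int(m[1])] = {"default": m[2], "names": {m[2]}}
        elif m := HEADER.match(line):
            current = ports.setdefault(int(m[1]), {"default": None, "names": set()})
        elif (m := DEFAULT.match(line)) and current is not None:
            current["default"] = m[1]
        elif m := NAMED.match(line):
            ports.setdefault(int(m[1]), {"default": None, "names": set()})["names"].add(m[2])
    return ports

def missing_tls_vhosts(text, http=80, https=443):
    """Map each ServerName on the HTTP port that lacks an HTTPS vhost to the
    default HTTPS vhost that handles requests for it (None if there is none)."""
    ports = parse_vhosts(text)
    tls = ports.get(https, {"default": None, "names": set()})
    plain = ports.get(http, {"default": None, "names": set()})
    return {name: tls["default"] for name in sorted(plain["names"] - tls["names"])}

if __name__ == "__main__":
    # Usage: apachectl -S 2>&1 | python3 this_script.py  (falls back to SAMPLE on a tty)
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for name, fallback in missing_tls_vhosts(text).items():
        print(f"{name}: no :443 vhost, HTTPS is answered by {fallback}")
```
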
