System Administration & Network Administration
ssl apache2 certbot
Updated Tue, 30 Aug 2022 14:07:14 GMT

Cannot acess SSL version of mysite [Apache2][SSL][Certbot]


So i just installed let's encrypt ssl certificate via certbot with command

sudo certbot --apache -d mysite.org -d mysite.org

However after succesfull intallation the site simply cant be accessed, i've used a few recommendation from the internet like adding port 443 to ports.conf

Listen 443
<IfModule mod_ssl.c>
    NameVirtualHost *:443
    Listen 443
</IfModule>

Adding VirtualHost *:443 block to 000-default (even tho i'm sure i'm not using that conf)

<VirtualHost *:443>
DocumentRoot /var/www/html/mysite
ServerName mysite.org
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mysite.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.org/privkey.pem
</VirtualHost>

I've also enabled mod_ssl with a2enmod ssl in my apache, disabled my firewall, and restarting apache everytime i make a change, but nothing happened, my site still can't be accessed via ssl the browser simply said my site is unreachable.

This is how mysite.org.conf looks like (i commented the https redirect) :

<VirtualHost *:80>
ServerName mysite.org
ServerAlias www.mysite.org localhost
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/mysite
<Directory /var/www/html/mysite>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/mysite.org-error.log
CustomLog ${APACHE_LOG_DIR}/mysite.org-acces.log combined
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.mysite.org [OR]
#RewriteCond %{SERVER_NAME} =localhost [OR]
#RewriteCond %{SERVER_NAME} =mysite.org
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

And this is how mysite.org-le-ssl.conf looks like

<IfModule mod_ssl.c>
<VirtualHost *:443>    
    ServerAdmin admin@mysite.org
    ServerName mysite.org
    ServerAlias www.mysite.org
    DocumentRoot /var/www/html/mysite
SSLCertificateFile /etc/letsencrypt/live/mysite.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.org/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I really have no idea how to solve this problem, could you guys please help me ?

here is the result of

sudo netstat -nlp |grep :443

tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   
tcp6       0      0 :::443                  :::*                    LISTEN      16258/apache2   

the result of wget command :

Connecting to mysite.org (mysite.org)|my.public.ip.address|:443... failed: Connection refused.

the result of curl command (my ubuntu somehow cant locate package curl so i did it in windows)

curl: (56) Recv failure: Connection was reset

and yes i can access my site via http and my public ip.




Solution

well i somehow solved it, so my router is configurated to ip forward any person who accessing my ip public to the server ip port 80, and there is no configuration to ip forward to port 443, after added that configuration now i can finally access the site via https.