0

So i just installed let's encrypt ssl certificate via certbot with command

sudo certbot --apache -d mysite.org -d mysite.org

However after succesfull intallation the site simply cant be accessed, i've used a few recommendation from the internet like adding port 443 to ports.conf 

Listen 443 <IfModule mod_ssl.c> NameVirtualHost *:443 Listen 443 </IfModule>

Adding VirtualHost *:443 block to 000-default (even tho i'm sure i'm not using that conf)

<VirtualHost *:443> DocumentRoot /var/www/html/mysite ServerName mysite.org SSLEngine on SSLCertificateFile /etc/letsencrypt/live/mysite.org/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mysite.org/privkey.pem </VirtualHost>

I've also enabled mod_ssl with a2enmod ssl in my apache, disabled my firewall, and restarting apache everytime i make a change, but nothing happened, my site still can't be accessed via ssl the browser simply said my site is unreachable.

This is how mysite.org.conf looks like (i commented the https redirect) :

<VirtualHost *:80> ServerName mysite.org ServerAlias www.mysite.org localhost ServerAdmin webmaster@localhost DocumentRoot /var/www/html/mysite <Directory /var/www/html/mysite> Options Indexes FollowSymLinks MultiViews AllowOverride All Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/mysite.org-error.log CustomLog ${APACHE_LOG_DIR}/mysite.org-acces.log combined #RewriteEngine on #RewriteCond %{SERVER_NAME} =www.mysite.org [OR] #RewriteCond %{SERVER_NAME} =localhost [OR] #RewriteCond %{SERVER_NAME} =mysite.org #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] </VirtualHost>

And this is how mysite.org-le-ssl.conf looks like

<IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin [email protected] ServerName mysite.org ServerAlias www.mysite.org DocumentRoot /var/www/html/mysite SSLCertificateFile /etc/letsencrypt/live/mysite.org/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mysite.org/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> </IfModule>

I really have no idea how to solve this problem, could you guys please help me ?

here is the result of

sudo netstat -nlp |grep :443

tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2 tcp6 0 0 :::443 :::* LISTEN 16258/apache2

the result of wget command :

Connecting to mysite.org (mysite.org)|my.public.ip.address|:443... failed: Connection refused.

the result of curl command (my ubuntu somehow cant locate package curl so i did it in windows)

curl: (56) Recv failure: Connection was reset

and yes i can access my site via http and my public ip.

Improve this question
8
  • doesn't work is not a helpful description. What is the actual error message you get when you try to reach your server? Commented Jul 1, 2019 at 4:38
  • "the site can't be reached" sorry, my english vocabulary is kinda limited Commented Jul 1, 2019 at 4:50
  • Please edit the output of sudo netstat -nlp |grep :443 into your question Commented Jul 1, 2019 at 4:57
  • i've added it sir, please check it out Commented Jul 1, 2019 at 5:02
  • Does your site work when you try http instead of https? Does your computer resolve the correct IP address? Do your tests using wget or curl, you get much clearer error messages and you can copy and paste the output into your question. Commented Jul 1, 2019 at 5:03

1 Answer 1

Reset to default
0

well i somehow solved it, so my router is configurated to ip forward any person who accessing my ip public to the server ip port 80, and there is no configuration to ip forward to port 443, after added that configuration now i can finally access the site via https.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.