In ports.conf have a 443 port listen configured? You enable mod_ssl with
a2enmod mod_ssl?
On Sun, Aug 12, 2018 at 2:52 PM Mahmood Naderan
wrote:
> Hi,
>
> I am totally confused with the configuration of ssl via apache2. The
> server's page is reachable by an IP address. So, when I enter
> http://w.x.y.z I am able to see the web page and the content of
> /etc/apache2/sites-available/000-default.conf is
>
>
> DocumentRoot /var/www/html
>
> Options FollowSymLinks
> AllowOverride All
> Order allow,deny
> allow from all
>
>
>
>
> Now, what I do for the ssl is to first comment the above lines (because
> the virtualhost is on port 80). Then I paste the above lines in
> /etc/apache2/sites-available/default-ssl.conf and the content is shown
> below. Please note that the certificates were obtained by the network admin
> and are valid because the main website has FQDN.
>
>
>
>
> ServerAdmin webmaster@localhost
> DocumentRoot /var/www/html
>
> Options FollowSymLinks
> AllowOverride All
> Order allow,deny
> allow from all
>
> LogLevel debug ssl:warn
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
> SSLCertificateFile
> /home/mahmood/certi/certificate-standard_wildcard.SOMEWHERE.COM.crt
> SSLCertificateKeyFile
> /home/mahmood/certi/certificate-standard_wildcard. SOMEWHERE.COM.key
> SSLCertificateChainFile
> /home/mahmood/certi/intermediate.crt
> SSLEngine on
>
>
> SSLOptions +StdEnvVars
>
>
> SSLOptions +StdEnvVars
>
>
>
>
>
>
>
>
> I also paste the following entries in /var/www/html/.htaccess
>
>
> RewriteEngine onRewriteCond %{SERVER_PORT} 443
> RewriteCond %{HTTP_HOST} ^(subdomain\.)?SOMEWHERE\.COMRewriteRule
> ^(.*)$ https://subdomain.SOMEWHERE.COM/$1 [R,L]
>
>
> The firewall status also looks fine
>
>
> root@webshub:~# ufw status
> Status: active
> To Action From
> -- --
> Apache FullALLOW Anywhere
> OpenSSHALLOW Anywhere
> 20/tcp ALLOW Anywhere
> 21/tcp ALLOW Anywhere
> 990/tcpALLOW Anywhere
> 4:5/tcpALLOW Anywhere
> Apache Full (v6) ALLOW Anywhere (v6)
> OpenSSH (v6) ALLOW Anywhere (v6)
> 20/tcp (v6)ALLOW Anywhere (v6)
> 21/tcp (v6)ALLOW Anywhere (v6)
> 990/tcp (v6) ALLOW Anywhere (v6)
> 4:5/tcp (v6) ALLOW Anywhere (v6)
>
>
>
>
> After restarting apache2 service, still I see that http://w.x.y.z works
> but https://w.x.y.z is unreachable with the browser.
>
>
> Any thought is welcomed.
>
>
>
> Regards,
> Mahmood
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
--
Elias Pereira