In ports.conf have a 443 port listen configured? You enable mod_ssl with a2enmod mod_ssl?
On Sun, Aug 12, 2018 at 2:52 PM Mahmood Naderan <nt_mahm...@yahoo.com.invalid> wrote: > Hi, > > I am totally confused with the configuration of ssl via apache2. The > server's page is reachable by an IP address. So, when I enter > http://w.x.y.z I am able to see the web page and the content of > /etc/apache2/sites-available/000-default.conf is > > > DocumentRoot /var/www/html > <Directory /var/www/html/> > Options FollowSymLinks > AllowOverride All > Order allow,deny > allow from all > </Directory> > > > > Now, what I do for the ssl is to first comment the above lines (because > the virtualhost is on port 80). Then I paste the above lines in > /etc/apache2/sites-available/default-ssl.conf and the content is shown > below. Please note that the certificates were obtained by the network admin > and are valid because the main website has FQDN. > > > <IfModule mod_ssl.c> > <VirtualHost _default_:443> > ServerAdmin webmaster@localhost > DocumentRoot /var/www/html > <Directory /var/www/html/> > Options FollowSymLinks > AllowOverride All > Order allow,deny > allow from all > </Directory> > LogLevel debug ssl:warn > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > SSLCertificateFile > /home/mahmood/certi/certificate-standard_wildcard.SOMEWHERE.COM.crt > SSLCertificateKeyFile > /home/mahmood/certi/certificate-standard_wildcard. SOMEWHERE.COM.key > SSLCertificateChainFile > /home/mahmood/certi/intermediate.crt > SSLEngine on > > <FilesMatch "\.(cgi|shtml|phtml|php)$"> > SSLOptions +StdEnvVars > </FilesMatch> > <Directory /usr/lib/cgi-bin> > SSLOptions +StdEnvVars > </Directory> > </VirtualHost> > </IfModule> > > > > > > I also paste the following entries in /var/www/html/.htaccess > > > RewriteEngine on RewriteCond %{SERVER_PORT} 443 > RewriteCond %{HTTP_HOST} ^(subdomain\.)?SOMEWHERE\.COM RewriteRule > ^(.*)$ https://subdomain.SOMEWHERE.COM/$1 [R,L] > > > The firewall status also looks fine > > > root@webshub:~# ufw status > Status: active > To Action From > -- ------ ---- > Apache Full ALLOW Anywhere > OpenSSH ALLOW Anywhere > 20/tcp ALLOW Anywhere > 21/tcp ALLOW Anywhere > 990/tcp ALLOW Anywhere > 40000:50000/tcp ALLOW Anywhere > Apache Full (v6) ALLOW Anywhere (v6) > OpenSSH (v6) ALLOW Anywhere (v6) > 20/tcp (v6) ALLOW Anywhere (v6) > 21/tcp (v6) ALLOW Anywhere (v6) > 990/tcp (v6) ALLOW Anywhere (v6) > 40000:50000/tcp (v6) ALLOW Anywhere (v6) > > > > > After restarting apache2 service, still I see that http://w.x.y.z works > but https://w.x.y.z is unreachable with the browser. > > > Any thought is welcomed. > > > > Regards, > Mahmood > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Elias Pereira
