0

Been banging my head on this one for a while, for some reason Apache refuses to properly implement https redirect. I have tried it using a permanent redirect as well as a mod rewrite and everything in between. Currently I only have one virtual hosts file as I was trying to remove any unnecessary convolution. I checked the status of the Apache config and it shows the virtual hosts file in question being used.

I am trying to renew a Let's Encrypt cert, and I can't renew since it accesses the site via http. Whenever I try to access my site via http it gives me a 400 error stating that it can't deliver an http site using port 443. So basically Apache is redirecting http port 80 traffic to port 443, but it will not redirect http to https no matter what I try.

    <IfModule mod_ssl.c>
    <VirtualHost *:80>
        ServerName mysite.net
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
    </VirtualHost>
    <VirtualHost *:443
        ServerName mysite.net
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/
        SSLEngine on
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLCertificateFile /etc/letsencrypt/live/mysite.net/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mysite.net/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>

  • Please edit the output of your try to access the site via http (preferably with wget or curl, `wget -S --spider`) including the request and answer headers into your question. – Gerald Schneider Dec 06 '18 at 10:11
  • The only Linux box I'm running is the server itself, which shows the redirect working. Funnily enough the redirect works as it should on the server's local network where the hostname points to the server directly via the router's manual DNS entry. Outside the network I use a No-ip ddns subdomain to point to the server. When using the ddns address outside my local network it comes up with the 400 Bad Request message, and that is where it refuses to redirect. So the issue lies with No-ip and how it is handling the http request. – Michael Lynch Dec 06 '18 at 10:39
  • Your assumption most likely is wrong. No-ip ddns (in the free version) just gives you an easy-to-use domain name to IP translation without the need of implementing a DNS and updating it with your home IP all the time. Given that: to get Apache to serve the correct vhost you might need a ServerAlias with your no-ip hostname. – Dennis Nolte Dec 06 '18 at 10:42
  • I am pointing the no-ip ddns address in the local network to the server's local IP directly, overriding the no-ip DNS entry. Ergo, the ServerName is actually the no-ip hostname. I am able to access both sides just fine manually typing in https, but I need to fix the redirect in order to renew my SSL cert. :( – Michael Lynch Dec 06 '18 at 12:18
  • First thing I would do would be to fix the obvious typo in ` – Michael Hampton Dec 06 '18 at 15:00
  • Must have bugged out when I copied the virtual host config. Double checked and the end bracket is there in the server config. – Michael Lynch Dec 07 '18 at 01:57

1 Answer

0

I figured it out, I am a colossal idiot XD. In my router, port 80 for the server was being forwarded to port 443.
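
A way to tell this failure apart from a broken Apache redirect, as an added example that is not part of the original question or answer: send one cleartext request to port 80 without following redirects and classify the reply. The function names and sample responses are constructed for illustration; the marker string is the wording Apache's mod_ssl uses in its 400 page when plain HTTP arrives on a TLS listener.

```python
import http.client
import sys

# Phrase in Apache's 400 body when cleartext HTTP reaches an SSL-enabled port.
TLS_PORT_MARKER = "speaking plain http to an ssl-enabled server port"

# Constructed sample of that 400 body, used for offline checks.
SAMPLE_400_BODY = (
    "<h1>Bad Request</h1><p>Your browser sent a request that this server "
    "could not understand.<br />Reason: You're speaking plain HTTP to an "
    "SSL-enabled server port.</p>"
)


def classify(status, location, body):
    """Classify the reply to a cleartext HTTP request sent to port 80."""
    if status in (301, 302, 307, 308) and (location or "").lower().startswith("https://"):
        return "redirect-ok"  # the port-80 vhost answered and redirected
    if status == 400 and TLS_PORT_MARKER in body.lower():
        # Something in front of Apache (NAT rule, proxy) maps 80 -> 443,
        # so the port-80 vhost and its RewriteRule never see the request.
        return "port-80-reaches-tls-listener"
    if status == 200:
        return "no-redirect"  # port-80 vhost answered but did not redirect
    return "other"


def probe(host, port=80, timeout=5):
    """Send one cleartext GET (redirects are not followed) and classify it."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/", headers={"Host": host})
        resp = conn.getresponse()
        body = resp.read(4096).decode("latin-1")
        return classify(resp.status, resp.getheader("Location"), body)
    finally:
        conn.close()


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python probe.py mysite.net
    print(probe(sys.argv[1]))
```

Run it once from inside the LAN and once from outside: a `redirect-ok` result internally and `port-80-reaches-tls-listener` externally points at the router's port forwarding rather than the virtual host configuration.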