We help IT Professionals succeed at work.

Problem with SSL Sites Certification

211 Views
Last Modified: 2018-09-17
Hello,

I am installing SSL Certification on my Linux Centos Server. And I am trying the first Domains. It is almost working. But I have one strange problem. If I use a URL to the Site root (www) it comes as Secure. But if I use a URL to any internal directory it comes as Unsecure, depending on using www or a slash at the end.

Please try it in your Chrome Browser, but, clear its Cache memory between the tests. I have added SSL to 2 of our Sites:

segurosagro.com.br
multisites.com.br

And I created a simple directory called testredirect which has just an index.html file with an image.

1) segurosagro.com.br/testredirect

It comes as Unsecure.

2) segurosagro.com.br/testredirect/

It works, and comes as Secure.

3) www.segurosagro.com.br/testredirect

It also works, and comes as Secure.

In the same way:

1) multisites.com.br/testredirect

It comes as Unsecure.

2) multisites.com.br/testredirect/

It works, and comes as Secure.

3) www.multisites.com.br/testredirect

It also works, and comes as Secure.

My actual httpd.conf <virtualhosts> entries for segurosagro.com.br and multisites.com.br are as below. You will see that they are slightly different. This is due to tests I was doing trying to solve the problem:

#--------------------------------------------------------
#                 multisites.com.br
#--------------------------------------------------------
<virtualhost 66.226.75.86:80>
ServerAdmin webmaster@multisitesdominios.com.br
ServerName www.multisites.com.br
ServerAlias multisites.com.br
ServerAlias www.multisites.net.br
DocumentRoot /var/www/html/multisites/www
ScriptAlias /cgi-bin/ /var/www/html/multisites/www/cgi-multisites/
<Directory "/var/www/html/multisites/www/cgi-multisites/">
        Options ExecCGI Includes
        AllowOverride None
</Directory>
ErrorLog logs/multisites-error-log
TransferLog logs/multisites-access-log
#
#Redirection to https
#
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</virtualhost>

#--------------------------------------------------------
#                 segurosagro.com.br
#--------------------------------------------------------
<virtualhost 66.226.75.86:80>
ServerAdmin webmaster@multisitesdominios.com.br
ServerName www.segurosagro.com.br
ServerAlias segurosagro.com.br
DocumentRoot /home/segurosagro/www
ScriptAlias /cgi-bin/ /home/segurosagro/www/cgi-segurosagro/
<Directory "/home/segurosagro/www/cgi-segurosagro/">
        Options ExecCGI Includes
        AllowOverride None
</Directory>
TransferLog logs/segurosagro-access-log
#
#Redirection to https
#
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</virtualhost>

Thanks for any help.
Comment
Watch Question

David FavorFractional CTO
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
CERTIFIED EXPERT
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Mihai BarbosTrying to tame bits. They're nasty.
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Fractional CTO
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
CERTIFIED EXPERT

Commented:
The last version of certbot handles restarting Apache when needed

The problem you mention with certbot-auto might come from a slight versions difference between the "standard" version (ie the one you get with ap-get install). Downloading the script and using it does not have those problem and the srcipt updates itself (if needed) before renewing yhe certs
CERTIFIED EXPERT
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Mario LimaOwner

Author

Commented:
Hi, guys, I thank you a lot for all the suggestions and comments. I have submitted everything to my technician, and I will tell you later how the things have gone.
Mário Lima./
CERTIFIED EXPERT

Commented:
Mihai's suggestion is useful.
Best sontributions are the 2 from David.