Score:0

Amazon Linux 2 SSL setup with GoDaddy subdomain certificate


I have two sites, site1.mydomain.com and site2.mydomain.com, on an Amazon Linux 2 instance. I used a load balancer and a GoDaddy certificate with subdomains site1 and site2, but for cost reasons wanted to get rid of the load balancer and install the certificate directly on the machine. I managed that.. but now the sites only show the Apache boilerplate page.. and not the content in my var/www/html/site1 and site2 folders. What do I have to write in the httpd.conf file or where do I have to fiddle?

I followed the instructions to install an SSL certificate on the AWSLinux2 instance.. but then it would not show my sites anymore. My GoDaddy certificate has all the subdomains registered.

I get for example

[ec2-user@embatek ~]$ apachectl -S
VirtualHost configuration:
*:80                   embatek.com.br (/etc/httpd/conf/httpd.conf:87)
*:433                  embatek.com.br (/etc/httpd/conf/httpd.conf:95)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/run/httpd/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48 not_used
Group: name="apache" id=48 not_used
[ec2-user@embatek ~]$ 
vidarlo avatar
You don't show us any configuration. There's no way we can tell you what's wrong.
pierre fro avatar
Well..I added apacheconfig -S to the file.
vidarlo avatar
Can you show us your config? Your ***actual*** apache config files? Based on http connection to embatek.com.br you've configured TLS on port 80.
pierre fro avatar
How would I upload the httpd.conf and ssl.conf files?
pierre fro avatar
I have posted my ssl.config and httpd.conf files here.. I tried to paste as code.. but it looked too messy. https://www.dropbox.com/sh/vbo8bwag6jr6fuo/AACQ2HYL53nIpBgUzsOMUHnoa?dl=0
pierre fro avatar
[ec2-user@embatek ~]$ sudo tail /etc/httpd/logs/error_log
[Thu Nov 17 20:00:58.099215 2022] [autoindex:error] [pid 3242] [client 66.249.64.226:65133] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
pierre fro avatar
I do not think that is really an error.. it is just that SSL serves NOT the correct /var/www/html/mysite folder.. but the parent directory /var/www/html/.. there it finds no index file and gives this error. Only in https this happens.. If I manually choose http.. it serves the right directory. This must be a standard problem in Amazon Linux 2 if you install SSL.. However, in their documentation, AWS does not mention that this could happen.. (that the https call.. goes to the main and not VirtualHost directory)...
pierre fro avatar
:-( I know I put the question confused.. But.. nobody? Do I have to go back to using a load balancer (which costs 30USD/month), because I cannot make an SSL certificate work on an Amazon Linux 2 machine? I am at the end of my ideas.. crying..
Score:0

*:433 embatek.com.br (/etc/httpd/conf/httpd.conf:95)

This is the wrong port. The port for https is 443.

Edit line 95 of your httpd.conf to read <VirtualHost *:443> and try again.

pierre fro avatar
I thank you SSOOOO much.. That did the trick.. Lost two workdays on this. I am dyslexic.. it seems.. 443 vs 433... what a SNAFUS.. I put the VirtualHost *:443 directive in the ssl.conf file and now all works..
vidarlo avatar
I missed it on a first read-through as well. But please accept the question if it solved the problem. Otherwise it will pop up every now and then.
pierre fro avatar
Hi Vidarlo, how? do I mark as solved? Just clicking on the green OK. Did that. Thanks again for your help.
vidarlo avatar
Yup, that's it :)
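
A quick check for the mistake identified in the answer, as an added example that is not part of the original thread: the function reads `apachectl -S` output and flags any VirtualHost bound to a port outside an allowed set, plus the case where nothing is bound to 443. The function name, the default allowed ports `80 443`, and the two sample texts (constructed, modelled on the output in the question) are assumptions made for this example.

```bash
#!/bin/sh
# Added example: lint `apachectl -S` output for VirtualHost port mistakes.

# Constructed sample modelled on the question: the HTTPS vhost sits on 433.
SAMPLE_BAD='VirtualHost configuration:
*:80                   embatek.com.br (/etc/httpd/conf/httpd.conf:87)
*:433                  embatek.com.br (/etc/httpd/conf/httpd.conf:95)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"'

# Constructed sample of the same listing after the fix from the answer.
SAMPLE_GOOD='VirtualHost configuration:
*:80                   embatek.com.br (/etc/httpd/conf/httpd.conf:87)
*:443                  embatek.com.br (/etc/httpd/conf/httpd.conf:95)
ServerRoot: "/etc/httpd"'

# Usage: apachectl -S | check_vhost_ports ["space separated allowed ports"]
# Prints one WARN line per finding and returns 1 if there was any finding.
check_vhost_ports() {
  awk -v allowed="${1:-80 443}" '
    BEGIN { n = split(allowed, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
    # Vhost lines start with "<address>:<port>", e.g. "*:80" or "*:433".
    # Lines such as "ServerRoot:" or "Mutex ..." do not end field 1 in digits.
    $1 ~ /:[0-9]+$/ {
      k = split($1, part, ":"); port = part[k]
      seen[port] = 1
      if (!(port in ok)) {
        $1 = $1   # rebuild the record so the column padding collapses
        print "WARN unexpected port " port ": " $0
        bad = 1
      }
    }
    END {
      # Without a vhost on 443, HTTPS requests are not routed to a site vhost.
      if (!("443" in seen)) {
        print "WARN no VirtualHost on port 443 (HTTPS)"
        bad = 1
      }
      exit bad + 0
    }
  '
}

# Demo on the constructed samples; "|| true" keeps the script going on findings.
printf '%s\n' "$SAMPLE_BAD"  | check_vhost_ports || true
printf '%s\n' "$SAMPLE_GOOD" | check_vhost_ports || true
```

On a live server the input would come from `sudo apachectl -S | check_vhost_ports`; pass a different list as the first argument if the server legitimately uses other ports.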