0

If I type in example.com into the URL it redirects to https://www.example.com which is great, same with typing http://example.com I get the correct redirect to https://www.example.com.

However if I type in https://example.com it takes me to the warning SSL Certificate invalid page. After checking what the domain the certificate was for I realised that it's taking me to completely different website I have on the server(the same site that comes up if I type my VPS IP Address directly into the URL.)

Heres my config file:

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://www.example.com/
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>

        ServerName www.example.com
        ServerAlias *.example.com
        ServerAdmin noreply@example.com
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Alias /static /home/user/example/static
        <Directory /home/user/example/static>
                Require all granted
        </Directory>

        <Directory /home/user/example/example>
                <Files wsgi.py>
                        Require all granted
                </Files>
        </Directory>

        WSGIScriptAlias / /home/user/example/example/wsgi.py
        WSGIDaemonProcess exsite python-path=/home/user/example python-home=/home/user/example/venv
        WSGIProcessGroup exsite


RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L]

SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
Z D
  • 11
  • 3

1 Answers1

2

Neither of these covers the example.com, and the default site is used, instead:

ServerName www.example.com 
ServerAlias *.example.com

If your certificate is a wildcard certificate for example.com, you could add it to your ServerAlias:

ServerName www.example.com 
ServerAlias example.com *.example.com

It is also possible to avoid using mod_rewrite altogether by adding another VirtualHost *:443 block:

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName www.example.com
        #...
    </VirtualHost>

    <VirtualHost *:443>
        ServerName example.com
        ServerAlias *.example.com

        Redirect permanent / https://www.example.com/

        SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem 
        SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>
</IfModule>
Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
  • Thanks, I used `ServerAlias example.com *.example.com` and it worked perfectly. Could you explain avoiding `mod_rewrite` a bit more as I didn't understand...Do i replace my whole config file with that, or do I append it to what I currently have? Why is it good practise to avoid `mod_rewrite`? – Z D Apr 03 '21 at 11:44
  • That's explained in [When not to use mod_rewrite](https://httpd.apache.org/docs/2.4/rewrite/avoid.html). – Esa Jokinen Apr 03 '21 at 12:11