0

I'm trying to setup my application using HTTPs, I followed a guide HERE to do it properly but it's not working.

My app runs perfectly in port 80 (http) and when I turn on auto redirect for 443 (https) it gives me a 403 forbiddend when I try to access it through Browser. And in Apache2 error log, I can see the message "AH01276: Cannot serve directory /var/my_app_location/: No matching DirectoryIndex"

The differences between conf files from 80 to 443 are basically:

  • Port number

  • Present in 443 file config:

    • "IfModule mod_ssl.c" present in 443 file config
    • Include letsencrypt
    • SSLCertificateFile
    • SSLCertificateKeyFile
    • <Directory "/var/my_app_location/">AllowOverride none Require all granted

Can anyone guide me?

UPDATE Here is the virtualhost files:

<VirtualHost *:80>
ServerAdmin admin@mydomain.com.br
ServerName mydomain.com.br
ServerAlias www.mydomain.com.br
DocumentRoot /var/netcore/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine off
RewriteCond %{SERVER_NAME} =www.mydomain.com.br [OR]
RewriteCond %{SERVER_NAME} =mydomain.com.br
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
</VirtualHost>



<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin admin@mydomain.com.br
    ServerName www.mydomain.com.br
    ServerAlias *.mydomain.com.br
    DocumentRoot /var/netcore/
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    <Directory "/var/netcore">
        AllowOverride none
        Require all granted
    </Directory>


Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain.com.br/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com.br/privkey.pem
</VirtualHost>
</IfModule>
mfvjunior
  • 109
  • 2
  • 2
    Show the actual VirtualHost for each port. – John Hanley May 01 '23 at 20:32
  • `I followed a guide` either the guide is broken, or you didn't follow it correctly – Jaromanda X May 02 '23 at 04:31
  • I am sorry, what link did you provide? All details must be included in your post. Links break, change and can be deleted. Put everything required in your post. – John Hanley May 02 '23 at 05:15
  • @JaromandaX Sorry, now I provided the link. – mfvjunior May 02 '23 at 12:28
  • @JohnHanley Now I provided the guide that I followed. – mfvjunior May 02 '23 at 12:29
  • Links to tutorials are useless. We have no way of knowing which steps you followed and which not. We don't know how the config looked in the first place. Provide your actual configuration files. – Gerald Schneider May 02 '23 at 12:29
  • @GeraldSchneider exactly, I didn't expect that the guide would be relevant, but they asked. I wasn't connected to the machine to provide the full file config, so I tried to resume in description. Now it is updated. – mfvjunior May 02 '23 at 13:44
  • Where is the global definition of `DirectoryIndex` in your apache config? – Gerald Schneider May 02 '23 at 13:49
  • I think I don't have one, I think I shouldn't have one. I'm running a net core app, usually we don't have a index.html file when publish. In the apache.conf file it doesn't list a directoryindex as well.. As I said previously, http works fine without this directoryindex. – mfvjunior May 02 '23 at 13:56

1 Answers1

0

Solved. For Http, there was another complementary configuration (/etc/apache2/conf-enabled) that turned on a reverse proxy that redirects traffic to the running local service (net core app).

The solution was including this reverse proxy config also for the 443 virtual host file.

mfvjunior
  • 109
  • 2