1

I am running a web domain against a Bitnami AWS AMI image... I have just changed to an elastic i.p. address and need to set up https for the site. I am running the bncert-tool but get the below error:

###################################################################################################

sudo /opt/bitnami/bncert-tool
----------------------------------------------------------------------------
    Welcome to the Bitnami HTTPS Configuration tool.

----------------------------------------------------------------------------

    Domains

    Please provide a valid space-separated list of domains for which you wish to
    configure your web server.

    Domain list []: blah.com.
    The following domains were not included: www.blah.com.au. Do you want to add them? [Y/n]: y
    Warning: The domain 'www.blah.com.au' resolves to a different IP address
    than the one detected for this machine, which is '13.210.101.***'. Please fix
    its DNS entries or remove it. For more info see:
    https://docs.bitnami.com/general/faq/configuration/configure-custom-domain/
#

I have googled around and tried running:

sudo /opt/bitnami/mysql/bnconfig --machine_hostname blah.com

Which does run, but makes no difference.

Can anyone help?

Scouse_Bob
  • 600
  • 7
  • 26

4 Answers4

2

Bitnami Engineer here,

The Bitnami HTTPS configuration tool is saying that the www domain is not properly configured as it doesn't resolve to the same IP of the machine. You will need to configure the www domain in your DNS provider and verify that both www and non-www domains are properly configured using this online tool.

https://www.whatsmydns.net/

Once you confirm both domains are configuring with the correct IP address, you can run the Bitnami HTTPS configuration tool to generate the certificate.

Jota Martos
  • 4,548
  • 3
  • 12
  • 20
  • Hi Jota - I'm not sure what you mean, sorry... the url for my site is registered and works... actually, when I key in https://www. then I get a secure site with the certificate being valid etc... it's just, any other way of accessing it comes up with it not being secure and not having a valid certificate etc. And it is this issue that I am seeking to resolve here. Is there something I am missing? – Scouse_Bob Jan 16 '20 at 04:24
  • The tool generates a certificate for the www and non-www domains by default (no matter if you only set the non-www one). What I meant is that I don't know if you configured the www subdomain in your DNS provider site, did you? You can check if both domains are properly configured by accessing the URL I shared and looking for the results of "domain.com" and "www.domain.com", are the results the same? Please note that this is needed because Let's Encrypt needs to validate your domains when generating the certificate. – Jota Martos Jan 16 '20 at 08:15
  • Hi, yep the results are the same - I generated a certificate for my domain using the certificate manager in AWS and that all seems to work, provided you put in "https://www." if you just put in www. then you just get a http connection. – Scouse_Bob Jan 16 '20 at 09:30
  • Ok @Scouse_Bob. The Bitnami tool should work if you configured the domains. If you continue getting the same error, you can open an issue in [our community forum](https://community.bitnami.com) and our team will review your case. You previously said (and I think I missed that information) that if you use your domain when accessing your site, the connection is secure, but other ways are not. What are those other ways? Note that the certificate is only valid for the domains you specify, if you use the IP address or if there are http links in the page, the connection is not secure ever. – Jota Martos Jan 23 '20 at 09:33
0

Try to override the IP in the local /etc/hosts file. You can set IP number there, and then remove it when you're done. It should work.

Rodrigo Murillo
  • 13,080
  • 2
  • 29
  • 50
  • Hi if I look at the hosts file, I have cat /etc/hosts 127.0.0.1 localhost and when I add a line under it, with the i.p. address displayed from mydns website and the hostname of the server I still get the same error. Is that the fix you had in mind? Just checking I have that correct...thanks – Scouse_Bob Jan 16 '20 at 02:14
  • Hm if that doesn't work, not sure what the problem is. Did you try the suggestion from the Bitnami guy? – Rodrigo Murillo Jan 16 '20 at 02:29
0

Make sure the IP address in the A record section of your domain is the same as the static Ip address reserved. Please note, unless you're working through Cloudflare (which I know cos I use it for all my website)you may want to wait up 48hrs for DNS propagation to complete. I hope this helps

P Tips
  • 1
  • 1
0

Well I was using bitnami bncert-tool on lightsail I deleted the whole tool and installed again and everything worked fine Here is how I removed any related files to the tool

sudo rm -rf /opt/bitnami/bncert-tool
sudo rm -rf /opt/bitnami/bncert

then I followed these steps to generate the certificate

Amr
  • 433
  • 5
  • 12