I am hosting a couple websites with Apache on a Linux box on Google Cloud Compute.

For this specific domain, I want to use the *.co as the primary, but I also bought the *.com so that nobody can impersonate this domain. I want to send all traffic (http://*.com/, http://www.*.com/, https://*.com/, and https://www.*.com/) from the *.com to the *.co.

I have created a folder in /var/www on the server for the *.co website.

cd /var/www
ls
*.co

Then I created configuration files for both domains in /etc/apache2/sites-available.

*.co.conf =

<VirtualHost *:80>
    ServerAdmin _____@_____.com
    ServerName *.co
    ServerAlias www.*.co
    DocumentRoot /var/www/*.co
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Setting a 301 redirect for the *.com domain.

*.com.conf =

<VirtualHost *:80>
    ServerName *.com
    ServerAlias www.*.com
    Redirect 301 / http://*.co/
</VirtualHost>

After that, I enabled the configuration files with the Apache command a2ensite and restarted the Apache service.

sudo apache2ctl configtest
sudo a2ensite *.co.conf *.com.conf
sudo a2dissite 000-default.conf
sudo systemctl restart apache2

Then I logged in to Google Cloud DNS to create a zone for the *.co domain. There are already SOA and NS records created by default. I also logged in to Google Domains to set Custom name servers for the domain and make sure that the four name server addresses match what is in the NS record in Google Cloud.

ns-cloud-x1.googledomains.com
ns-cloud-x2.googledomains.com
ns-cloud-x3.googledomains.com
ns-cloud-x4.googledomains.com

I created an A record that points to the External IP of the server listed in Google Cloud Compute Engine and a CNAME record as well in Google Cloud DNS so that the www points to the same address.

Then I did the same steps for the *.com site, updating the name server addresses in Google Domains to match the NS record in Google Cloud DNS and creating A and CNAME records.

At this point the HTTP site is up and running. I am trying to use Python 3 certbot for Apache on Ubuntu to generate SSL certificates to encrypt HTTPS. I believe certbot also adds some lines to the configuration file.

sudo apt install certbot python3-certbot-apache

I configured HTTPS on the *.co site with certbot and it seems to be working fine.

sudo certbot --apache -d *.co -v

...but then when I try to do the same with the *.com site, it doesn't work.

sudo certbot --apache -d *.com -v

I get a Server Not Found error in the browser.

Hmm. We’re having trouble finding that site.

We can’t connect to the server at *.co.

If you entered the right address, you can:
    Try again later
    Check your network connection
    Check that Firefox has permission to access the web (you might be connected but behind a firewall)

What did I do wrong? Do I need to change one of the DNS records or something in the configuration files? Does the Python 3 certbot support HTTPS redirects?

  • UPDATE= I found a small spelling error in the configuration file for the `*.com` site. I missed a letter in the `Redirect 301 / http://*.co/` line. I corrected the error, restarted Apache, ran certbot again, and now I might have to wait for the `DNS` to proliferate throughout the internet... – Justin Brunkow Aug 17 '23 at 19:48
  • Suggestions: 1) Do not use 301 redirects when testing. 2) Start testing in `incognito` windows. 3) certbot supports wildcard certificates with DNS challenges. Your command will not work. 4) Certbot does not wait for DNS to propagate. If it reports a problem, you still have one but first, you need to modify the certbot command. – John Hanley Aug 17 '23 at 22:02
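
For reference, an added example (not part of the original post or its comments) of a secondary-domain configuration that covers all four URL forms listed in the question and redirects them to the HTTPS primary. The names `example.com` and `example.co` are placeholders for the redacted domains, and the certificate paths assume certbot's default layout.

```apache
# Placeholders (assumptions, not from the post):
#   example.com = the secondary (*.com) domain being redirected
#   example.co  = the primary (*.co) domain
# Certificate paths assume certbot's default /etc/letsencrypt/live/<name>/
# layout, for a certificate requested with both names, e.g.:
#   sudo certbot --apache -d example.com -d www.example.com

# Port 80: handles http://example.com/ and http://www.example.com/
<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    # Redirect to the HTTPS primary in one hop, so visitors are never
    # bounced through a plain-HTTP URL on the primary domain.
    # Browsers cache 301 responses; a 302 is easier to undo while testing.
    Redirect 301 / https://example.co/
</VirtualHost>

# Port 443: handles https://example.com/ and https://www.example.com/
# Without this block (and a certificate that lists BOTH names) the TLS
# handshake fails or shows a warning before any redirect can be sent.
<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    SSLEngine on
    SSLCertificateFile    /etc/letsencrypt/live/example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    Redirect 301 / https://example.co/
</VirtualHost>
</IfModule>
```

The `www` CNAME and the apex A record for the secondary domain must both resolve to the server before certbot's HTTP validation of those names can succeed.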
