SSL... Still won't work

Okay, sorry all. I’ve read and done everything SSL-related on this site, but I simply cannot get my site (http://radiowrite.com) secured (https://radiowrite.com).

I’m on Ubuntu 18 (DigitalOcean), installed certbot and SSL certs before installing libretime.

Can anyone help me figure this out once and for all?

THANK YOU!

What exactly is not working? The link to your website leads to a Wordpress Site with a proper SSL cert.

Do you have any error messages?

Hey there, I’ve since moved the domain over to another host to try to set up a secured landing page-style site with the iframe embed code (the embed code’s not currently playing nice with a WP install + Divi theme for whatever reason).

The existing site is at http://198.199.111.37.

This one I have NOT used certbot, but the original install I was referring to did. I used certbot, got 100% install success, and then installed libretime/icetime. it was never secured via https.

In addition, importing podcasts did not work (a major requirement for the station), hence why I reinstalled on another VPS box later.

I guess if you had installed Libretime first, and then installed Certbot and got the cert, it might have worked.

You can simply go to /etc/apache2/sites-available and edit the conf file there. Mine is called airtime-le-ssl.conf but yours might be different.

In that you have to define the SSL details, point to the certs etc. Restart Apache and it should work. Let me know if you need a sample file.

I tried both ways (installing LibreTime first, then installing certbot + cert first). Neither has worked.

I’d love a sample file if you’ve got one… I don’t understand how certbot installs the certificate, but then… it’s not installed?

This is the content of my airtiime-le-ssl.conf file:

<IfModule mod_ssl.c>
<VirtualHost *:443>
   ServerAdmin foo@bar.org
   DocumentRoot /usr/share/airtime/php/airtime_mvc/public/
   php_admin_value upload_tmp_dir /tmp
   php_value post_max_size 500M
   php_value upload_max_filesize 500M
   php_value request_order "GPC"
   php_value session.gc_probability 0
   php_value session.auto_start 0

   AddOutputFilterByType DEFLATE text/plain
   AddOutputFilterByType DEFLATE text/html
   AddOutputFilterByType DEFLATE text/xml
   AddOutputFilterByType DEFLATE text/css
   AddOutputFilterByType DEFLATE application/xml
   AddOutputFilterByType DEFLATE application/xhtml+xml
   AddOutputFilterByType DEFLATE application/rss+xml
   AddOutputFilterByType DEFLATE application/javascript
   AddOutputFilterByType DEFLATE application/x-javascript
   AddOutputFilterByType DEFLATE application/json


  <Directory /usr/share/airtime/php/airtime_mvc/public/>
      RewriteEngine On
      RewriteCond %{REQUEST_FILENAME} -s [OR]
      RewriteCond %{REQUEST_FILENAME} -l [OR]
      RewriteCond %{REQUEST_FILENAME} -d
      RewriteRule ^.*$ - [NC,L]
      RewriteRule ^.*$ index.php [NC,L]

      DirectoryIndex index.php
      AllowOverride all
      Order allow,deny
      Allow from all

      Require all granted
  </Directory>

ServerName www.radiowrite.com
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias radiowrite.com
SSLCertificateFile /etc/letsencrypt/live/www.radiowrite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.radiowrite.com/privkey.pem
</VirtualHost>
</IfModule>

That looks pretty much like what I have too.

One difference is that I do also have a line

ServerAdmin foo@bar.org
ServerName www.radiowrite.com
DocumentRoot /usr/share...

besides the ServerAlias. And Certbot has added your certfiles in the last two lines (SSLCertificateFile/SSLCertificateKeyFile), so that looks good.

If you browse to https://radiowrite.com, what error do you get? And your DNS is surely pointing to that server?

Thanks, but no dice. The ServerName flag appears lower in my file anyway, but I added it up there instead just in case, but it didn’t work. This is really weird — I have no idea what to try next…

Yes, the DNS is absolutely pointing to the right IP address.