After enabling HTTPS on my Apache2 server - I get 404 errors on every request
Solution 1
I can't exactly remember how I figured it out, but I stumbled across something somewhere that suggested to put:
<VirtualHost _default_:443>
Instead of:
<VirtualHost *:443>
Since replacing that, my SSL has been working perfectly.
Solution 2
Is it absolutely necessary to redirect all http requests to https? Cause it seems that's what you're trying to do here.
I suggest you start by removing the following lines from your conf:
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
I suspect the syntax may be wrong there. Then try connecting again on each http:// and https:// protocols.
Solution 3
Try editing your file to look something like this:
This is a very basic conf, if this works add your redirects if still needed.
If this does not work please show your ssl.conf
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
<Directory "[docRoot]">
AllowOverride All
</Directory>
DocumentRoot [docRoot]
ServerName [serverName]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile [...]/[domain].crt
SSLCertificateKeyFile [...]/[certificate].key
SSLCertificateChainFile [...]/[theotherone].crt
<Directory "[docRoot]">
AllowOverride All
</Directory>
DocumentRoot [docRoot]
ServerName [serverName]
</VirtualHost>
Related videos on Youtube
Michael Longhurst
Updated on September 18, 2022Comments
-
Michael Longhurst almost 2 years
Okay, so I've had no experience with SSL/HTTPS ever before, I've only ever dealt with standard HTTP. Recently I've started work on a site which will need SSL. So of course, I've gone out and researched how to and got started. I've got to the stage of installing the SSL certificate successfully - the green padlock appears and the server responds to HTTPS requests on port 443. The issue I have is that no matter what I do I cant get any pages to appear using HTTPS/SSL, however they appeared fine on port 80/HTTP (until I redirect HTTP to HTTPS that is).
Put simply I can access the HTTPS site absolutely fine, however my pages are not being sent, rather a 404 is sent for every request.
/etc/apache2/sites-available/[name].conf
<VirtualHost *:80> ServerName [serverName] RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302] </VirtualHost> <VirtualHost *:443> ServerName [serverName] ServerAdmin [email] DocumentRoot [docRoot] # I know the following SSL cert stuff is correct SSLEngine On SSLCertificateFile [...]/[domain].crt SSLCertificateKeyFile [...]/[certificate].key SSLCertificateChainFile [...]/[theotherone].crt ErrorLog ${APACHE_LOG_DIR}/[custom]_error.log CustomLog ${APACHE_LOG_DIR}/[custom]_access.log combined <Directory "[docRoot]"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> </VirtualHost>
I'm not sure if there is anything else you might want to look at, or any other details, but if there is let me know.
EDIT:
After some searching around in the config files I have established that for whatever reason, when connecting to HTTPS, the server is using the document root in the default configuration (/var/www/) however this default configuration is not enabled with a2ensite. I can't seem to figure where the configuration that is causing this is located
-
Admin over 7 yearsYour
Rewrite
directives look like you are trying to run Apache behind a badly configured reverse proxy. If your Apache is serving the domain directly without any proxying, you should just drop all of theRewrite
directives and replace them with a singleRedirect
. And configure separate logfiles for eachVirtualHost
such that you can see exactly whichVirtualHost
process each request. -
Admin over 7 yearsAs for the Rewrites, I was only using them to get a temporary refirect (I wasn't 100% sure at that stage), I have now learned that Redirect is perfectly capable of that (yeah, bad that I didn't know that). Regarding the separate log files, I have since done that. I also have figured out what the issue was and will update to reflect that.
-
-
Michael Longhurst over 7 yearsI am sure that I want all HTTP to redirect to HTTPS, since I am making an admin panel on this domain, almost all requests contain sensitive information. I know that that syntax is correct since the redirect works perfectly. I have figured that the issue is that the server is looking for files in /var/www/html instead of the documentroot I have specified
-
Ivan over 7 yearsDoes the document path work without the redirect? Worth a try imo...
-
Michael Longhurst over 7 yearsI'm giving the other answer a try first, will give it ago if that fails
-
Michael Longhurst over 7 yearsNope, still doesn't work, it is still showing the temporary index.html that I placed in /var/www/html. I shall link a pastebin with the conf
-
Michael Longhurst over 7 yearsThis is the pastebin: pastebin.com/iwubgFye
-
Michael Longhurst over 7 yearsGave that a try too, but to no avail
-
Anthony Fornito over 7 yearsJust to confirm you are restarting apache after making changes?
-
Michael Longhurst over 7 yearsYes, anything and everything I change I am restarting
-
Anthony Fornito over 7 yearsIm thinking there might be something else going on can you paste the output for your httpd.conf: cat /etc/httpd/conf/httpd.conf | grep -v "#"
-
Ivan over 7 yearsAlright, try replacing the asterisk from *:443 with the actual IP of the server same goes for port 80 as well. Also check the syntax of document root path should start with /
-
Michael Longhurst over 7 yearsIf I was to make an educated guess, for some reason, the server is ignoring the vhosts that I have setup and is using the default-ssl.conf file no matter
-
Michael Longhurst over 7 yearsIs that the internal or external IP?
-
Michael Longhurst over 7 yearsMy external IP is dynamic, it's hosted at home
-
Michael Longhurst over 7 yearsOkay I just put my current IP in there and its made a difference. It is now showing me the example.com instead of subdomain.example.com