SSL and LE should not have any problem, as I can view all sites in HTTPS and see different contents as expected. There is only one exception. the server host domain atlmaster.angelright.com can be accessed in both ways, but without redirection whatsoever. See... http://atlmaster.angelright.com https://atlmaster.angelright.com So, like what Till said, I should use ISPconfig to do it rather than using the vhost master? Right now, I have set all sites like this... What should I do then?
Tried this setting with angelrite.com ... Did not work! Each time I try I wait for ISPconfig to finish implementing the task. http://angelrite.com - I see the dummy site content https://angelrite.com - I see the expected content Looks like the HTTP is forbidden to see. Strange. I understand that when the same content can be seen via both HTTP and HTTPS, then redirect could make sense.
OK, after resync from within ISPconfig and restart apache2, HTTP to HTTPS works but for those whose SSL might not be issued properly, redirection goes to 000dummy.com I will try turning SSL and LE off and on, but I bet I have to make sure those sites can be accessed via HTTP before LE can be issued, right? This means that I will comment those custom lines and restart apache2 and then do resync. Will try this.
I already mentioned that you modify the custom vhost only if you want to automate the creation of HSTS and redirect for all websites. This is because if there is a custom vhost, ISPC will use it. To affect all, of course you have to resync all websites but I think you don't need to restart apache as ISPC will do that. I don't test the code as I don't use apache but I don't see anything wrong with the code. If you don't want to automate them, just delete the custom vhost because ISPC will only use it if it is available. Of course you can comment out any of its edited parts (only two right? ).
OK, I comment out all the custom lines, just to make sure all sites are accessible from its HTTP urls before I do anything else. It turns out ISPconfig can handle eveything from within!!! This is the setting that works, no need to play with other settings... Great!
Basically this proves that Till said was right. Once some of the sites' SSL were not set right, HTTP 2 HTTPS redirection can be disrupted. During the process, I also found that different browsers give different result. Removing cache in browser and then test is critical. Lastly, dummy site is not needed if everything is set correctly.
There is this one left unresolved, just for one site - my friend's site. Hopefully it is temporary... It gives four links with these at end in sequence : Name: ?C=N;O=D Last modified: ?C=M;O=A Size: ?C=S;O=A Description: C=D;O=A
It's not like you payed for priority support... https://www.fishcafe.org says bad cert (certificate is valid for 0.1459919.com)
Thank you. Indeed. I reset SSL and LE. Also I set it to redirect from www.domain.tld to domain.tld and also from http to https. Hopefully it will work soon.
Working OK now. Thank you, Tuumke! Now one issue left... when i use the "Add new website" to create the website in the first place, should I select "None" or "www." for the Auto-Subdomain field? Looks like selecting "www." make things followed much easier. Just a gust feeling. if anyone can confirm, it would be very much appreciated.
Using 'www' auto subdomain is quite common, and probably what you want unless you know you don't want a 'www' or are handling that separate from the bare domain for some reason.