Let's Encrypt on subdomain; non working emails

Discussion in 'General' started by m_pro_m, Jan 19, 2017.

  1. m_pro_m

    m_pro_m New Member

    // Replacing dots with dashes because it won't let me post :X


    I'm webdev who wants to set up his website. I'm noob when it comes to server management, but ISPConfig is here to save the day.
    I've got a domain with A records pointing to IP of my server with ISPConfig installed (Ubuntu 14.04)
    I want my main page to be at main-domain-tld and domain-tld should redirect you there.
    I was able to create this using two sites in ISPConfig where the domain-tld had a redirect to the main-domain-tld
    Okay so thats working. But I want to use Let's Encrypt to be able to use https ... But I can not do that for some reason.
    I just simply filled up the SSL tab in both sites (country,...) and clicked Generate Cert, then activated SSL and Let's Encrypt on the main tab.
    domain-tld was working with https, but main-domain-tld wasnt - certificate for it was issued for domain-tld, not main-domain-tld
    I tried many different things like setting the SSL domain to *-domain-tld but without success.
    It would never let me check SSL and Let's Encrypt for the main-domain-tld
    How should I go about this? Any advice on how to setup sites likes this?

    My other problem is, I wanted to create an email like main(at)domain-tld. I was able to access it thru squirrelmail at /webmail, but I couldn't send or receive any emails.
    Here is something from the mail queue:
    (connect to 127 0 0 1 [127 0 0 1] :10024: Connection refused)
    => I fixed this by editing hostname to be the same as my domain and running amavis

    If you need any info, just ask for it and I'll provide it.
    THANK YOU VERY MUCH in advance!

    // One more thing, System->Addons, why is it always empty? I tried to activate the ispconfig repo, but it is still empty. Am I missing something?
    Last edited: Jan 20, 2017
  2. You need to add the subdomain as an alias to your main domain.
    Also: do not fill in the SSL tab on your main domain, Let's encrypt does all for you, the SSL tab is only needed if you use a ssl provider like COMODO or anything else.

    When you have added the subdomain as a domain alias Let's Encrypt will request a single certificate with both your subdomain and main domain in one.
    m_pro_m likes this.
  3. m_pro_m

    m_pro_m New Member

    Okay so I finally did it. I just needed to start to read the logs :D Thank you for the help.

    I have just one small problem. I enabled Rewrite HTTP to HTTPS on the domain-tld and it works when I access main-domain-tld it redirects to https:// main-domain-tld but it doesn't work on the site itself, it is just a blank page. Any ideas what is causing that?
    Last edited: Jan 20, 2017
  4. Paste the .htaccess file ;)
  5. m_pro_m

    m_pro_m New Member

    I would if I had one. There is none in /web what is really weird..
    So I created it with this code

    RewriteEngine On
    RewriteCond %{SERVER_PORT} 80
    RewriteRule ^(.*)$ https:// example com/$1 [R,L]

    But nothing has changed. I even disabled HTTP->HTTPS redirect from ISPConfig but it just keeps doing the same - works for subdomain but not the domain itself.
  6. As a general rule I never use ISPConfig to redirect to anything but use .htaccess files to do all the redirect

    But your htaccess seems to be right :)
  7. m_pro_m

    m_pro_m New Member

    Main question right now is why do I get blank page when I access my domain using HTTP?
    It should show the default "Welcome to your website!" message from ISPConfig.
    I feel like fixing one problem creates another.. and I thought it will be so simple to setup my server using control panel like ISPConfig :D
  8. :p check the logs ;-)
  9. or use a host that provides all that for you ;-)
  10. m_pro_m

    m_pro_m New Member

    I need to have full control over my server this time.. :D

    I checked the logs but there is nothing related to it (/var/log/apache/error.log, access.log)
  11. check /var/www/domain/log/*.log
  12. sjau

    sjau Local Meanie Moderator

    I use this

    <If "%{HTTPS} == 'off'">
    Redirect permanent / https://www.domain.tld/
    <If "%{HTTPS} == 'on'">
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    Rewriting can cause issues with other stuff in .htaccess and the apache folks recommend Redirect instead of Rewrite.

Share This Page