SSL Rewrite not working after updating bitnami.conf

Keywords: Moodle - AWS - Technical issue - Secure Connections (SSL/HTTPS)
bnsupport ID: f6aa832e-dcc7-4b81-bc3a-fccdb1a9d051
Description:
Hello! I was able to successfully install ssl on my site and can access it properly via https://mysite.com . However, when I try to implement and rewrite rules within /opt/bitnami/apache2/conf/bitnami/bitnami.conf as specified at this link: https://docs.bitnami.com/aws/apps/moodle/administration/force-https-apache/ , I am shown that my connection is not secure. Furthermore, when I attempt to access via https://www.mysite.com (i.e. with www), I am shown NET::ERR_CERT_COMMON_NAME_INVALID. Please let me know how to proceed! Thank you.

I should be explicit: the goal is to force www and http to non-www and https.

Hi, @chrisj.

You can add these lines just after your HTTPS redirection configuration to do www to non-www redirection:

RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1$1 [R=permanent,L]  

And restart Apache. However, I’m not seeing the certificate error you mention. Did you fix it?

Regards,
Alejandro

Hi Alejandro,

Thanks for your response. I’ve added the lines in and restarted apache with no change. I’ve added this into the /opt/bitnami/apache2/confi/bitnami.conf file. I did notice there is also an /opt/bitnami/apache directory that seems to auto-update anytime I make a change in one file.

SetEnvIf X-Forwarded-Proto https HTTPS=on

DocumentRoot "/opt/bitnami/apache/htdocs" RewriteEngine On RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] RewriteRule ^(.*)$ https://%1$1 [R=permanent,L] Options Indexes FollowSymLinks AllowOverride All Require all granted

Error Documents

ErrorDocument 503 /503.html

<Location /server-status>
Require local
SetHandler server-status

Include “/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf”

I checked apache error log and found the following line as well

www.example.com:443:0 server certificate does NOT include an ID which matches the server name

So I followed these steps, also without success.

Step 1: Open httpd-ssl.conf

Step 2: Hash the line, and change to “localhost”

ServerName www.example.com:443
ServerName localhost

Step 3: Save and restart Apache. Done

FYI - I had recently upgraded the Moodle stack from ~3.6 to the up-to-date 3.9. The domain has not changed, so I simply moved over the certificate files. Would this cause an issue?

Did you remove the lines you had for HTTPS redirection? You should put both redirections: HTTP to HTTPS as you already had, and www to non-www.

I have kept the lines for HTTPS redirection as well. No luck. At this point I’m will to simply take http to https redirection… I attempted to launch a new server and work with SSL there, but also no luck. It feels like editing the bitnami.conf and bitnami-ssl.conf files is not enough.

Hi @chrisj,

I just reviewed the documentation again and it seems we didn’t update it properly. The files to update are inside the /opt/bitnami/apache/conf/vhosts/ folder. You will need to add the rewrite rule inside the moodle-vhost.conf file to force the HTTPS redirection.

I’ll notify our documentation team to update that guide as soon as possible. Sorry for the inconvenience.

There is no need to change the httpd-ssl.conf file, it’s not included in the configuration by default.

Thank you again, jota. This has solved the problem.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.