Date: Fri, 20 Nov 2020 18:16:26 +0100
From: freebsd@boosten.org
To: freebsd-questions <freebsd-questions@freebsd.org>
Cc: Dale Scott <dalescott@shaw.ca>
Subject: Re: Please help with Apache virtual servers and DNS trouble (I think)
Message-ID: <57E903C2-0CB4-4DAD-8F10-12A6879A8029@boosten.org>
In-Reply-To: <958896405.36997717.1605885037710.JavaMail.zimbra@shaw.ca>
References: <dbf88edf-7b25-4944-b6c9-5e0d08533265@email.android.com> <df9e09e9-587b-f01b-2849-a90cbd518534@yuripv.dev> <958896405.36997717.1605885037710.JavaMail.zimbra@shaw.ca>

> On 20 Nov 2020, at 16:10, Dale Scott <dalescott@shaw.ca> wrote:
>
> I am rebuilding my fbsd-11 server after the system drive failed. I had been using Apache virtual servers to serve several web apps on port 80, with a single wildcard DNS entry from No-IP. The server also hosted a Linux vm running in vbox, and used the vbox NAT to forward vm port 80 to host 8080, and vm port 22 to host 3022. This worked well as I only have one IP address from my ISP. The virtual hosts are accessed normally e.g. www.dalescott.net (WordPress), mantisbt.dalescott.net, timetracker.dalescott.net..., I can ssh to the vm on port 3022, and the vm web server is accessed with port number i.e. http://dalescott.net:8080.

Clear so far. I use the same setup (although I'm not forwarding anything to a different port, 443 on my firewall is 443 on my webserver (which is a jail on my freebsd server)).

> Then the system drive failed and it seemed a good time to re-build it with fbsd-12, and switch at least some of the web apps (not the vm) to https with LetsEncrypt certs. My understanding of LetsEncrypt (and certbot and the Apache certbot plugin) is that subdomain DNS entry will be required for each Apache virtual server that will https.

LetsEncrypt version 2 supports wildcard certificates. So with one certificate you can serve www.domain.tld <http://www.domain.tld/>, blah.domain.tld and hurray.domain.tld. However, in order to reach your virtual server mantisbt.dalescott.net <http://mantisbt.dalescott.net/>, you will have to have a DNS record for that host (not subdomain); this can be an A record or a CNAME. Of course you can use a wildcard.

> So I removed the wild card from my dalescott.net DNS entry and configured new subdomain DNS entries for the Apache virtual servers. However I didn't create certificates or change Apache httpd-vhosts.conf, and I'm still not trying to serve anything but pure http on port 80.

What do you mean by 'subdomain'? A subdomain would mean something like 'servers.dalescott.net' in your case, and your mantisbt server would then be reachable as mantisbt.servers.dalescott.net <http://mantisbt.servers.dalescott.net/>. So please elaborate.

> The problem is that I can access all my virtual servers and ssh to the vm using port 3022, but I get a "no server response" error in the browser when trying to access the vm web server on port 8080.

Is it not that your browser expects https and you get http (or vice versa)? What does your apache logging say?

Peter

— It never hurts to help — Eek!