Date:      Fri, 20 Nov 2020 12:13:58 -0700 (MST)
From:      Dale Scott <>
Cc:        freebsd-questions <>
Subject:   Re: Please help with Apache virtual servers and DNS trouble (I think)
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <>

----- Original Message -----
> From:
> To: "freebsd-questions" <>
> Cc: "Dale Scott (dalescott@shaw)" <>
> Sent: Friday, November 20, 2020 10:16:26 AM
> Subject: Re: Please help with Apache virtual servers and DNS trouble (I t=

>> On 20 Nov. 2020, at 16:10, Dale Scott <> wrote the following:

Thanks for your kind help Peter. Just to be clear, this is my intended

---+    <-------------------------------- + ERPNext
ssh -p 3022  <-------------------------------- + Ubuntu
                                                             | 20.04
   |          <----\                            | LTS
   |     <----+                            |
   |   <----+       +--------------------+-------------
---+    <----+------ + Apache/MariaDb/PHP | virtualbox-ose |
ssh -p 3022  <------------| FreeBSD 11.3 / 12.2


>> ... My understanding of LetsEncrypt (and certbot and the Apache
>> certbot plugin) is that subdomain DNS entry will be required for each Apache
>> virtual server that will https.

> LetsEncrypt version 2 supports wildcard certificates. So with one certificate you
> can serve www.domain.tld, blah.domain.tld and hurray.domain.tld. However, in order
> to reach your virtual server have to have a DNS record for
> that host (not subdomain), this can be an A record or a CNAME.
> Of course you can use a wildcard.

Wild cards sound easier to manage, which I will investigate after getting t=
working again without certs.

>> So I removed the wild card from my DNS entry and configured new
>> subdomain DNS entries for the Apache virtual servers. However I didn't c=
>> certificates or change Apache httpd-vhosts.conf, and I'm still not trying to
>> serve anything but pure http on port 80.

> What do you mean with ’subdomain’? A subdomain would mean something like
> '' in your case, and your mantisbt server would then be
> reachable as So please elaborate.

Networking is not my strength; IIUC my tld is, and I am using subdomains
www, mantisbt, timetracker... or fully qualified, mantisb=,, etc. Is my terminology incorrect?

>> The problem is that I can access all my virtual servers and ssh to the vm using
>> port 3022, but I get a "no server response" error in the browser when trying to
>> access the vm web server on port 8080.

> Is it not that your browser expects https and you get http (or vice versa)?
> What does your apache logging say?

I am not expecting ANY https at this point. My goal is to first restore the
http-only behavior I had using fbsd-11.3 before I started down this rabbit
hole. ;-)  Perhaps I need to go back to the one original wildcard DNS entry I had
and all will be ok, and then I figure out to use a wildcard Let's Encrypt c=
and then the specifics of each web apps.

I browsed to the vbox vm web server and saw expected ("This page isn’t
working" " didn’t send any data." "ERR_EMPTY_RESPONSE"), but then
checked httpd-error.log and no related errors, which I had expected to see,=
Apache was getting the request and didn't know what to do with it.

Maybe the web server on the vbox vm isn't responding at all. I will need to=
that out.

Fwiw, here is my DNS setup at (entries all have same config): htt=

Also, fwiw, from my httpd.conf:

Listen 80

and my typical vhost entry in

    DocumentRoot "/usr/local/www/mantisbt"
    <Directory "/usr/local/www/mantisbt">
        allow from all
        Options None
        Require all granted
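
Added example, not part of the original message: a Python check of which virtual-host names a certificate's names cover, for the point in the thread that one wildcard certificate can serve www.domain.tld, blah.domain.tld and hurray.domain.tld. The one-label wildcard rule follows RFC 6125; domain.tld is the placeholder used in the thread, and erp.vm.domain.tld and the function names are constructed for illustration.

```python
# Added example: which vhost names do a certificate's names cover?
# domain.tld is the thread's placeholder; erp.vm.domain.tld is constructed.

def _labels(name):
    """Lower-case a DNS name, drop a trailing dot, split it into labels."""
    return name.rstrip(".").lower().split(".")

def name_covers(cert_name, host):
    """True if one certificate name covers host (RFC 6125 style matching).

    A wildcard is honoured only as the whole left-most label and stands
    for exactly one label, so *.domain.tld covers neither domain.tld
    nor a.b.domain.tld.
    """
    pat, h = _labels(cert_name), _labels(host)
    if len(pat) != len(h) or "" in h:
        return False
    if pat[0] == "*":
        # Conservative assumption: refuse wildcards directly under a TLD.
        return len(pat) > 2 and pat[1:] == h[1:]
    return "*" not in cert_name and pat == h

def uncovered(cert_names, vhosts):
    """Return the vhost names that no certificate name covers."""
    return [v for v in vhosts
            if not any(name_covers(c, v) for c in cert_names)]

# Constructed sample: three vhost labels from the thread, the bare
# domain, and a nested name such as a VM-hosted application might use.
VHOSTS = [
    "www.domain.tld",
    "mantisbt.domain.tld",
    "timetracker.domain.tld",
    "domain.tld",
    "erp.vm.domain.tld",
]

if __name__ == "__main__":
    for names in (["*.domain.tld"], ["*.domain.tld", "domain.tld"]):
        print(names, "leaves uncovered:", uncovered(names, VHOSTS))
```

Let's Encrypt issues wildcard certificates only through the DNS-01 challenge, so the ACME client needs a way to publish TXT records in the zone; each served name still needs its own A/CNAME record or a DNS wildcard, as the reply above says.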
