Issue when setting up HTTPS with Let's Encrypt on Apache


#1

Hello there,

My Ghost instance is currently using Apache as a reverse proxy. I know nginx is advised but I had to install it on a server where several other sites already use Apache.

I just configured HTTPS with Let’s encrypt but I have an issue:

  • if Ghost config url starts with https
    • when accessing https://blog.kalvn.net, I’m redirected to https://127.0.0.1:2368/ which is obviously wrong
    • when accessing https://blog.kalvn.net/ghost/, I have an infinite redirect loop on this exact same URL
  • if Ghost config url starts with http
    • when accessing https://blog.kalvn.net, I’m redirected to https://127.0.0.1:2368/ which is obviously wrong
    • when accessing https://blog.kalvn.net/ghost/, it works fine!

I suppose something is wrong in my Apache config but I cannot find what. Here are the configs:

/var/www/ghost/config.production.json

{
  "url": "https://blog.kalvn.net",
  "server": {
    "port": 2368,
    "host": "127.0.0.1"
  },
  "database": {
    "client": "mysql",
    "connection": {
      "host": "localhost",
      "user": "ghost",
      "password": "****",
      "database": "****"
    }
  },
  "mail": {
    "transport": "Direct"
  },
  "logging": {
    "transports": [
      "file",
      "stdout"
    ]
  },
  "process": "systemd",
  "paths": {
    "contentPath": "/var/www/ghost/content"
  }
}

/etc/apache2/sites-available/blog.kalvn.net.conf

<VirtualHost *:80>
    #Domain Name
    ServerName blog.kalvn.net

    #HTTP proxy/gateway server
    ProxyRequests Off
    ProxyPass / http://127.0.0.1:2368/
    ProxyPassReverse / http:/127.0.0.1:2368/
RewriteEngine on
RewriteCond %{SERVER_NAME} =blog.kalvn.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

/etc/apache2/sites-available/blog.kalvn.net-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
    #Domain Name
    ServerName blog.kalvn.net

    #HTTP proxy/gateway server
    ProxyRequests Off
    ProxyPass / http://127.0.0.1:2368/
    ProxyPassReverse / http:/127.0.0.1:2368/
SSLCertificateFile /etc/letsencrypt/live/blog.kalvn.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/blog.kalvn.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I also precise that Apache mod_ssl is activated since other sites on this server work well in HTTPS.

Thanks in advance for your help!


#2

This solved my issue: https://github.com/TryGhost/Ghost/issues/2796#issuecomment-350851420


#3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.