Problem forcing https in aws lightsail

Management and Administration
#1

I am trying to create the SSL certificate in AWS lightsail and forcing HTTP to HTTPS. I did the following things
(1) added DOMAIN and EMAIL in the docker-compose.yml and run ./docker-compose up -d.
(2) In docker log “container”, I saw certificate was issued in my domain Name

Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/health.dpanalytics.com/fullchain.pem

(3) changed openemr.conf to force from HTTP to HTTPS

<VirtualHost *:80>
        ServerName health.dpanalytics.com
        ServerAlias www.health.dpanalytics.com
        RewriteEngine On
        RewriteCond %{HTTPS} off
        RewriteRule (.*) https://%{HTTP_HOST}/$1 [R,L]
</VirtualHost>

(4) changed ssl.conf
ServerName health.dpanalytics.com ServerAdmin myemail@domain.com

(5) restarted container , but could not load server
(6) checked the container log file

Starting cron daemon!
Starting apache!

Love OpenEMR? You can now support the project via the open collective:
 > https://opencollective.com/openemr/donate

Starting cron daemon!
Starting apache!
httpd (pid 14) already running

(7) checked the apache error file and found it

health.dpanalytics.com:443:0 server certificate does NOT include an ID that matches the server name

When I commented out (3), the server will load with HTTP. Highly appreciated any help.

#2

hi @Hari_Khanal, did let’s encrypt add the certificate directives to ssl.conf?

#3

@stephenwaite It added certificates to openemr.conf, not in ssl.conf. Should I include the same certificates path in ssl.conf as well.

#4

not sure, usually let’s encrypt does this for you and it requires no manual effort

#5

Finally solved it. Thank you @stephenwaite

  • Copy the paths for the letsencrypt certificates from /etc/apache2/conf.d/openemr.conf to ssl.conf and delete existing paths of

(server.pem and servey.key)

  • Change the servername and admin email in httpd.conf
  • Restart the container
1 Like