ElB1

Q: Frustrating Upgrade Problem

I had a mac mini server with 10.7.5 on it serving 4 websites. I had the sites set up with http for the full site and the log in page with https with 4 different IP addresses, one for each as a different is required by SSL for each site.

 

Stupidly, I decided to upgrade the server to El-Capitan and server 5. I have it on other servers (with different sites) and it's working fine.

 

On this particular server however, after the migration and setting it up again, HTTPS works well on one site and gives internal server error on the other 3 sites. The http version of the sites is available and no issues. But no log in page is hampering things.

 

Anybody stumbled on something similar here? Any hints for a solution to this vexing problem?

Mac mini, OS X El Capitan (10.11.3), Server 5.0.15

Posted on Feb 28, 2016 12:28 AM

Close

Q: Frustrating Upgrade Problem

  • All replies
  • Helpful answers

  • by MrHoffman,

    MrHoffman MrHoffman Feb 28, 2016 11:05 AM in response to ElB1
    Level 6 (15,627 points)
    Mac OS X
    Feb 28, 2016 11:05 AM in response to ElB1

    Multiple-domain certificates have been available for some time — you only need one IP address, and this greatly simplifies certificate management. 

     

    These multiple-domain certificates are sometimes called Universal Communications Certificates, or UCC certs.

     

    One IP address, multiple domain names.

     

    FWIW, the folks at LetsEncrypt also support "regular" and these certificates, and offers free certificates.

     

    If you want to research the problem, you're going to need to have a look at the logs via Console.app or other tools, and try to gather more details on the error.   With Server.app, I'd tend to use MD / UCC certs, too — but otherwise, you're going to have to get all the certs and all the private keys registered, and figure out what's tipping over within (presumably) Apache.   (I've seen Apache tip over with various errors with OS X Server, and in one recent case "unexpected" characters in the filename for the certificates.)

  • by ElB1,

    ElB1 ElB1 Feb 28, 2016 6:12 PM in response to MrHoffman
    Level 1 (0 points)
    Feb 28, 2016 6:12 PM in response to MrHoffman

    Thanks for the reply, but the problem turned out to be something else completely.

     

    It turned out that, unlike apache 2.2,  apache 2.4 doesn't like it when you put the directory of a site inside the directory of another site. We had the the DocRoot of the secure domain inside the DocRoot of the non-secure domain, and somehow the only visible error was problem with .htaccess file.

     

    We separated the folders to the same level and all was resolved.