# This is what a port 80 & port 443 virtual host could look like
# that has its SSL certificate through Let's Encrypt
# The configuration is for Apache 2.4 - with Apache 2.2 commented out
# The port 80 host does 2 jobs:
# * support the Let's Encrypt challege/response at certificate renewal time
# * redirect all other incoming traffic to the https vhost
ServerAdmin bofh@example.com
DocumentRoot /var/www/example/html
ServerName www.example.com
ServerAlias example.com
ErrorLog logs/example/error_log
CustomLog logs/example/access_log combined
# This is needed so that Let's Encrypt challenge/response works:
Alias /.well-known/acme-challenge/ "/var/www/acme/acme-challenge/"
RewriteRule "^/.well-known/acme-challenge/" - [L]
Require all granted
# 2.2 config below:
# Options Indexes MultiViews
# AllowOverride None
# Order allow,deny
# Allow from all
# Force to HTTPS:
RewriteEngine on
RewriteRule .* https://www.example.com%{REQUEST_URI} [R,L]
# This looks like the first port 443 in the config file, if it were
# not then the first line would look like:
#
ServerAdmin bofh@example.com
DocumentRoot /var/www/example/html
ServerName www.example.com
ServerAlias example.com
ErrorLog logs/example/error_log
CustomLog logs/example/access_log combined
# Generic SSL configuration and the 3 certificate files:
Include conf/GenericSSL.conf
SSLCertificateFile /var/www/acme/SignedCertificates/example.crt
SSLCertificateKeyFile /var/www/acme/RSAprivateKeys/example.key
SSLCertificateChainFile /var/www/acme/lets-encrypt-x3-cross-signed.pem
# Redirect: example.com -> www.example.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com$ [NC]
RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
Require all granted
# 2.2 config below:
# Order allow,deny
# Allow from all
# Options +FollowSymLinks -SymLinksIfOwnerMatch
# Now whatever other site specific directives that you might need
# ...