configuring https for laravel on apache server

Question

I've a vps on ovh with many sites configured via "sites-aviable.conf" (apache).

The thing to be considerated its that my vps have no domain name, but just a name provided from ovh, so if i try to use this on some authority that relase ssl certificate it can be used! I need to set https instead of http for some site, so i start to generate a self-signed certificate with open ssl. Then i check if the port 443 is in listen and its seems ok. Then i change the APP_URL from http to https on .env file, but nothing change.

sites-aviable.conf

conteins something like:

<VirtualHost *:80>

ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/AAAA/public
ServerName http://xxxxxxxxxxxx.net
Alias /web2 /var/www/html/BBBBB/public

<Directory /var/www/html/AAAAA>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Allow from all    
</Directory>

 <Directory /var/www/html/BBBBB>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Allow from all        
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

so this to me should be replicated even for the 443 port, or I wrong? (ive tried to rough change 80 to 443 but didnt work)

I try to add on the same "sites-aviable.conf" this part:

 DocumentRoot /var/www/html/AAAAAAA/public
    ServerName http://XXXXXXXXXXX.net
    Redirect permanent / https://XXXXXX.net

on the <VirtualHost *:80> part, and then under I add just under this part:

<VirtualHost _default_:443> 
ServerName https://XXXXXXXXXX.net
DocumentRoot /var/www/html/AAAAAAAA/public
SSLEngine On 
</VirtualHost>

How can i set this to my server?

If im visiting the url with https i receive a apache error of "not found"

Answer 1

If you want to support both http and https, you need to define a virtual host for both port 80 and port 443. However, inside your virtual host for port 443, you also need to specify your SSL Certificate File and SSL Certificate Key File.

So, just copy your http definition and update the port and SSL information. Your .conf file will look something like this (based on the VirtualHost definition you provided in your question.

# http
<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/html/AAAA/public
  ServerName xxxxxxxxxxxx.net
  Alias /web2 /var/www/html/BBBBB/public

  <Directory /var/www/html/AAAAA>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Allow from all    
  </Directory>

  <Directory /var/www/html/BBBBB>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Allow from all        
  </Directory>

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

# https
<VirtualHost *:443>
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/html/AAAA/public
  ServerName xxxxxxxxxxxx.net
  Alias /web2 /var/www/html/BBBBB/public

  # Your SSL configuration. Update the File and KeyFile information
  # below to point to your SSL certificate.
  SSLEngine on
  SSLCertificateFile "/etc/ssl/certs/ssl-cert-snakeoil.pem"
  SSLCertificateKeyFile "/etc/ssl/private/ssl-cert-snakeoil.key"

  <Directory /var/www/html/AAAAA>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Allow from all    
  </Directory>

  <Directory /var/www/html/BBBBB>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Allow from all        
  </Directory>

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Make sure you restart apache after updating your config.

Also, your https url should work now, but since you're using a self-signed certificate, your browser will still complain about it being unsafe and not trusted. I'm assuming this is for a dev environment, so that shouldn't be an issue. If this is for a production site that others are meant to use, then you should be getting a real SSL cert from a trusted authority (LetsEncrypt has free SSL certs).