ZoneMinder Forums

I'm trying to change apache back to port 80 so i can run certbot to install a cert. I did as it says below.

You can turn off HTTPS entirely by simply commenting out the SSLRequireSSL
directives found in /etc/httpd/conf.d/zoneminder.conf. You should also
comment out the HTTP -> HTTPS Rewrite rule.

but when i restart apache it's still redirecting to https. Is there another file to edit? I'm running v1.31.43 on Centos 7 btw

Certbot works just fine with the zoneminder rpm without modification so I'm not sure why you think you have to change anything. In any case, to answer your question about auto redirecting to https, you have to remove the rewrite rule from the config file then restart apache. You either missed that step or you've got another rewrite rule in some other config file.

Double check your firewall has both port 80 and 443 open and they are forwarded to your server. That can cause certbot to fail.

knight-of-ni wrote: ↑Sat May 26, 2018 2:09 pm Certbot works just fine with the zoneminder rpm without modification so I'm not sure why you think you have to change anything. In any case, to answer your question about auto redirecting to https, you have to remove the rewrite rule from the config file then restart apache. You either missed that step or you've got another rewrite rule in some other config file.

Yes I realise it should just work, as I've already said I've commented out the rewrite rule, restarted apache and still get redirected to 443. I cannot find another redirect

I've gotten a little further, I can get certbot to run but as zm isn't runnign on port 80 I get this. Is there somewhere else I set zm to listen on port 80

This message can be a bit misleading. In addition to having Apache listen on port 80, the message is telling you certbot is also looking for an apache <VirtuaHost>...</VirtualHost> definition for port 80 as well. This is simply to convince certbot that you are indeed the administrator of the domain. It's not required to make it work from a technical perspective.

In my tests, however, I didn't have to define a virtualhost (not sure why to be honest). The only thing I needed to change in my Apache configuration was the ServerName directive. I set it to match the (dynamic) dns name. This statement assumes a default Apache configuration... if you've changed something not mentioned here then all bets are off.

Keep in mind you've also got to open ports 80 & 443 in any firewall(s) between you and the Internet.

UPDATE: updated content to reflect a question asked in our irc channel.