Hello. I have got a VPS server with Apache2 on Debian. I wanted to install a Let’s Encrypt certificate; this is what I have done so far:
Logged in via SSH
Saved "deb http://ftp.debian.org/debian jessie-backports main" into /etc/apt/sources.list
Ran apt-get update
No error so far
Then entered: "sudo apt-get install python-certbot-apache -t jessie-backports"
No error so far
And last I’ve entered this: "sudo certbot --apache"
And I have got this:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter ‘c’ to cancel):domain.com
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel):[email protected]
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
(A)gree/(C)ancel: A
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for domain.com
Enabled Apache socache_shmcb module
Enabled Apache ssl module
/usr/lib/python2.7/dist-packages/OpenSSL/rand.py:58: UserWarning: implicit cast from ‘char *’ to a different pointer type: will be forbidden in the future (check that the types are as you expect; use an explicit ffi.cast() if they are correct)
result_code = _lib.RAND_bytes(result_buffer, num_bytes)
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Encountered exception during recovery
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Traceback (most recent call last):
File “/usr/lib/python2.7/dist-packages/certbot/error_handler.py”, line 99, in _call_registered
self.funcs[-1]()
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 280, in _cleanup_challenges
self.auth.cleanup(achalls)
File “/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py”, line 1769, in cleanup
self.restart()
File “/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py”, line 1658, in restart
self._reload()
File “/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py”, line 1669, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Am I missing anything here?
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1043/httpd
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 247/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 247/dovecot
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 241/exim
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 279/clamd
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 247/dovecot
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 2270/spamd.pid -d -
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 247/dovecot
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1043/httpd
tcp 0 0 0.0.0.0:59184 0.0.0.0:* LISTEN 232/sshd
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 241/exim
tcp 0 0 78.46.31.21:53 0.0.0.0:* LISTEN 1211/named
tcp 0 0 127.0.0.2:53 0.0.0.0:* LISTEN 1211/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1211/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 1211/named
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 241/exim
tcp6 0 0 :::3306 :::* LISTEN 756/mysqld
tcp6 0 0 :::587 :::* LISTEN 241/exim
tcp6 0 0 :::2222 :::* LISTEN 3968/directadmin
tcp6 0 0 :::59184 :::* LISTEN 232/sshd
tcp6 0 0 :::465 :::* LISTEN 241/exim
tcp6 0 0 :::53 :::* LISTEN 1211/named
tcp6 0 0 :::21 :::* LISTEN 1122/proftpd: (acce
tcp6 0 0 ::1:953 :::* LISTEN 1211/named
tcp6 0 0 :::25 :::* LISTEN 241/exim
After I entered apache2ctl graceful I got these results:
httpd not running, trying to start
(98)Address already in use: AH00073: make_sock: unable to listen for connections on address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Action ‘graceful’ failed.
The Apache error log may have more information.
Hmm, there seems to be something misconfigured. Maybe Apache runs but the service script does not find the pidfile for some reason?
You could try the following:
$ sudo killall httpd
This will stop all running instances of Apache.
Then try to start the service again:
$ sudo apache2ctl start
If this succeeds, just try a graceful reload afterwards; when this works, get back to certbot.
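Added example, not part of the original thread: before killing anything, the pidfile theory above can be checked by comparing the PID that holds port 80 in the netstat listing with the PID recorded in Apache's pidfile. The function names are hypothetical and the pidfile path is an assumed Debian default; the sample rows are copied from the listing earlier in the thread.

```shell
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# Constructed sample: a few rows copied from the netstat listing above.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1043/httpd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1043/httpd
tcp6 0 0 :::2222 :::* LISTEN 3968/directadmin
EOF
}

# Print "PID PROGRAM" for each TCP listener on port $1 (netstat -tlnp on stdin).
listeners_on_port() {
    awk -v port="$1" '$6 == "LISTEN" {
        n = split($4, addr, ":")      # port is the last ":"-separated field
        if (addr[n] == port) {
            split($7, proc, "/")      # "1043/httpd" -> PID and program name
            print proc[1], proc[2]
        }
    }'
}

# usage: diagnose_port PORT PIDFILE < netstat-output
# Prints free, match, stale-pidfile or foreign.
diagnose_port() {
    holder=$(listeners_on_port "$1" | head -n 1)
    if [ -z "$holder" ]; then echo free; return 0; fi
    pid=${holder%% *}
    prog=${holder#* }
    if [ -r "$2" ] && [ "$(tr -d '[:space:]' < "$2")" = "$pid" ]; then
        echo match            # the control script knows about this process
    elif [ "$prog" = httpd ] || [ "$prog" = apache2 ]; then
        echo stale-pidfile    # Apache is running, but not the one in the pidfile
    else
        echo foreign          # some other program owns the port
    fi
}

# Assumed pidfile path (Debian default); adjust to the PidFile in use.
sample_netstat | diagnose_port 80 /var/run/apache2/apache2.pid
```

On a live host, pipe in `netstat -tlnp` run as root so the PID/Program column is populated. A `stale-pidfile` result corresponds to the "httpd not running, trying to start" followed by "Address already in use" seen above.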
OK, so I’ve entered sudo killall httpd and it works (I mean there was no error).
Then I’ve entered sudo apache2ctl start and it also works (no error).
Then I’ve entered apache2ctl graceful and also no errors (so your advice worked).
I did not yet try certbot, because now my website does not work (when I enter my site name in the browser I get the Apache2 Debian Default Page). Can I fix it?
I wonder how it could work at all beforehand.
Have a look into /etc/apache2/sites-available and /etc/apache2/sites-enabled.
Are there any files?
OK. I’ve corrected it. I needed to change 000-default.conf to point to my website folders.
I did run certbot, and I again needed to change 000-default.conf to point to my domain folder.
So I got the Congratulations message. I went to https://www.ssllabs.com/ssltest/analyze.html?d= to analyze my domain. I did score Overall Rating A. But if I go to my website by https://domain.com I get ERR_SSL_SERVER_CERT_BAD_FORMAT in Google Chrome.
Hello again. Now, when I want to verify my address using https://www.ssllabs.com/ssltest/analyze.html?d=2 it is showing me:
Certificate name mismatch
Try these other domain names (extracted from the certificates):
localhost
What can I do now?