404 Not Found only with one domain

Hello guys,

so, whenever I try to renew my certificate I keep getting the “404 Not Found” error. What makes this really annoying is that it’s only happening for this one domain. The others can be renewed. I also went ahead and removed the old (about to be expired) certificate using the "sudo certbot delete --cert-name example.com" command and tried generating a new one with the command mentioned below (… certbot --apache -d …). I am stuck and have no idea how to get this fixed. Your help would be greatly appreciated!

My domain is: gomotech.net
I ran this command: sudo certbot --apache -d gomotech.net -d www.gomotech.net
It produced this output:

Domain: gomotech.net
Type: unauthorized
Detail: Invalid response from
http://gomotech.net/.well-known/acme-challenge/zZ9khgmL6i29B1ker4bfr_2IlVWqz0o7xLmGtMcaAH8
[207.180.227.103]: “\n\n404 Not
Found\n\n

Not Found

\n<p”

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): Apache 2.4.29
The operating system my web server runs on is (include version): Ubuntu 18.04.4 LTS
My hosting provider, if applicable, is: contabo.com
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

And here’s my vhost file for that domain:

<VirtualHost *:80>
    ServerAdmin info@gomotech.net
    Servername gomotech.net
    ServerAlias www.gomotech.net
    DocumentRoot /var/www/gomotech.net/public_html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Thanks in advance!

I see completely different website contents when visiting http://gomotech.net/ and http://www.gomotech.net/.

That could suggest that there is some overlap in your virtual host configuration which messes with the Certbot authenticator. It’s technically a nonsensical configuration, but Apache doesn’t treat it as an error for some reason.

We can check to see if that’s the case with:

sudo apachectl -t -D DUMP_VHOSTS

*:80 is a NameVirtualHost
default server gomotech.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost gomotech.net (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost gomotech.net (/etc/apache2/sites-enabled/gomotech.net.conf:1)
alias www.gomotech.net

@_az

There seems to be a trend growing here. Do you have any thoughts? Is certbot changing the configuration somehow?

See:

There's your duplication. One domain is appearing in both 000-default.conf and gomotech.net.conf.

I believe you will want to do:

sudo a2dissite 000-default

and then try again.
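The duplicate-name check discussed in this thread, as an added example that is not part of the original posts: it reads `apachectl -t -D DUMP_VHOSTS` output and reports any name that more than one vhost file claims on the same port. The function names, the `--live` switch and the sample's whitespace are assumptions; the sample lines are the output posted above.

```shell
#!/bin/sh
# Added example: report names claimed by more than one vhost on a port.

# DUMP_VHOSTS output as posted in the thread (leading whitespace is assumed).
sample_dump() {
cat <<'EOF'
*:80                   is a NameVirtualHost
         default server gomotech.net (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost gomotech.net (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost gomotech.net (/etc/apache2/sites-enabled/gomotech.net.conf:1)
                 alias www.gomotech.net
EOF
}

# Reads DUMP_VHOSTS output on stdin; prints one line per duplicated name.
find_dup_vhosts() {
    awk '
    $1 == "port" && $3 == "namevhost" {
        key = $2 " " $4              # port + resolved ServerName
        src = $5
        gsub(/[()]/, "", src)        # strip the parentheses around file:line
        n[key]++
        if (n[key] == 1)
            where[key] = src
        else
            where[key] = where[key] ", " src
    }
    END {
        for (k in n)
            if (n[k] > 1)
                print "duplicate port " k ": " where[k]
    }' | sort
}

# "--live" checks the running configuration (run as root); the default
# checks the embedded sample so the script works offline.
if [ "${1:-}" = "--live" ]; then
    apachectl -t -D DUMP_VHOSTS 2>&1 | find_dup_vhosts
else
    sample_dump | find_dup_vhosts
fi
```

An empty result means no name is claimed twice on a port, which is the state to confirm before retrying the renewal.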

Alright, did that & the issue is fixed. Is there a way to have both of them “active”? I mean, I’d like to have the default page (which you saw before) load if someone enters the server IP. Do I just enable it again & disable during the next cert renew?

If you want to keep the default virtualhost on, get rid of the ServerName from it, so that it doesn’t clobber your main website.

Then make sure it is ordered first in the directory. That part should already be the case thanks to the 000- name.

Finally you can enable it again with a2ensite.

You're talking here about the "000-d.." vhost? If so, I'm a bit confused because that one doesn't have "Servername" defined in it. It's pretty much default content.

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

It might be inheriting the name from the global server config. In that case, you could add something to it, like:

ServerName invalid.invalid

It should still catch requests for unknown domains/IP ... as long as it's still first ... I think.

Alright, will play around with that and test it. Thanks for your help / solving my issue. You rock! :)
