AH00526: Invalid command 'SSLEngine'

My domain is: gibhenry.com

I ran this command: sudo certbot --apache

It produced this output:

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1 2
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for gibhenry.com
http-01 challenge for www.gibhenry.com
Waiting for verification…
Cleaning up challenges
Deploying Certificate to VirtualHost /private/etc/apache2/httpd.conf
Deploying Certificate to VirtualHost /private/etc/apache2/httpd.conf
Error while running apachectl configtest.

AH00526: Syntax error on line 7 of /etc/letsencrypt/options-ssl-apache.conf:
Invalid command ‘SSLEngine’, perhaps misspelled or defined by a module not included in the server configuration

Rolling back to previous server configuration…
Error while running apachectl configtest.

AH00526: Syntax error on line 7 of /etc/letsencrypt/options-ssl-apache.conf:
Invalid command ‘SSLEngine’, perhaps misspelled or defined by a module not included in the server configuration

My web server is (include version): Apache 2.4.41 (Unix)

The operating system my web server runs on is (include version): MacOS 10.15 Catalina

My hosting provider, if applicable, is: self-hosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site
(no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.3.0

======================
The command SSLEngine is indeed on line 7 of /etc/letsencrypt/options-ssl-apache.conf, but I haven’t modified that file in any way. In addition, apachectl configtest comes up clean.

Note: The website doesn’t really give the 404 error it says it does!

I’m not exactly sure how it’s done on macOS because I don’t have one, but it looks like you need to enable mod_ssl on your Apache installation.

Usually it’s something like:

a2enmod ssl

but you may need to manually dive into httpd.conf, find lines that resemble:

#LoadModule ssl_module         libexec/httpd/libssl.so
#AddModule mod_ssl.c

and uncomment them.

Or otherwise find online how to enable it.

1 Like

Thanks! That sent me down the rabbit hole to fix a bunch of things—step by step, I finally got it!! Thanks again!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.