AH00526: Syntax error on line 16 of /etc/apache2/


#1

Hello i get this error, hope somebody can help me

Apache version is 2.4.7
Enabling available site: /etc/apache2/sites-available/facebooklol.nl-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/facebooklol.nl-le-ssl.conf
Apache version is 2.4.7
Error while running apache2ctl configtest.
Action ‘configtest’ failed.
The Apache error log may have more information.

AH00526: Syntax error on line 16 of /etc/apache2/sites-enabled/facebooklol.nl.conf:
FastCgiExternalServer: redefinition of previously defined class “/var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl”

Encountered exception:
Traceback (most recent call last):
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 399, in deploy_certificate
self.installer.restart()
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1657, in restart
self.config_test()
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1680, in config_test
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl configtest.
Action ‘configtest’ failed.
The Apache error log may have more information.

AH00526: Syntax error on line 16 of /etc/apache2/sites-enabled/facebooklol.nl.conf:
FastCgiExternalServer: redefinition of previously defined class “/var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl”

Calling registered functions
Rolling back to previous server configuration…
Reporting to user: We were unable to install your certificate, however, we successfully restored your server to its prior configuration.
Exiting abnormally:
Traceback (most recent call last):
File “/home/lapswans/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 882, in main
return config.func(config, plugins)
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 612, in run
lineage.chain, lineage.fullchain)
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 399, in deploy_certificate
self.installer.restart()
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1657, in restart
self.config_test()
File “/home/lapswans/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1680, in config_test
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl configtest.
Action ‘configtest’ failed.
The Apache error log may have more information.

AH00526: Syntax error on line 16 of /etc/apache2/sites-enabled/facebooklol.nl.conf:
FastCgiExternalServer: redefinition of previously defined class “/var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl”

Error while running apache2ctl configtest.
Action ‘configtest’ failed.
The Apache error log may have more information.

AH00526: Syntax error on line 16 of /etc/apache2/sites-enabled/facebooklol.nl.conf:
FastCgiExternalServer: redefinition of previously defined class “/var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl”

IMPORTANT NOTES:

  • We were unable to install your certificate, however, we
    successfully restored your server to its prior configuration.

I can login to a root shell on my machine (yes or no, or I don’t know):
YES
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
IMSCP


#2

As a comment - you should use the “certonly” method rather than the “auto” method when using certbot with a control panel such as IMSCP

what is on line 16 of /etc/apache2/sites-enabled/facebooklol.nl.conf ? can you comment out the fastcgi line (that I’m guessing is on there) and test again with apachectl -t ?


#3

line 16 -pass-header Authorization

<VirtualHost 111111111:80>
ServerAdmin webmaster@facebooklol.nl
ServerName facebooklol.nl
ServerAlias www.facebooklol.nl vu2003.panel.colo.transip.net
DocumentRoot /var/www/virtual/facebooklol.nl/htdocs
DirectoryIndex index.html index.xhtml index.htm
LogLevel error
ErrorLog /var/log/apache2/facebooklol.nl/error.log
Alias /errors/ /var/www/virtual/facebooklol.nl/errors/
SuexecUserGroup vu2003 vu2003
DirectoryIndex index.php
Alias /php-fcgi /var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl
FastCGIExternalServer /var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl
-socket /var/run/php5-fpm-facebooklol.nl.sock
-idle-timeout 900
-pass-header Authorization
<Directory /var/www/virtual/facebooklol.nl>
Options +SymLinksIfOwnerMatch
Require all granted

<Directory /var/www/virtual/facebooklol.nl/htdocs>
AllowOverride All


#4

when i do ./certbot-auto --apache certonly it does not get that error.
But i cant visit my website on https after that ill get: SSL_ERROR_RX_RECORD_TOO_LONG

lappie@host:~$ ./certbot-auto --apache certonly
Requesting root privileges to run certbot…
/home/lappie/.local/share/letsencrypt/bin/letsencrypt --apache certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?

1: facebooklol.nl
2: www.facebooklol.nl
3: host.colo.transip.net
4: vu2003.panel.colo.transip.net

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):1,2
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/facebooklol.nl.conf)

What would you like to do?

1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
Keeping the existing certificate


Certificate not yet due for renewal; no action taken.

lappie@host:~$ ./certbot-auto --apache certonly
Requesting root privileges to run certbot…
/home/lappie/.local/share/letsencrypt/bin/letsencrypt --apache certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?

1: facebooklol.nl
2: www.facebooklol.nl
3: host.colo.transip.net
4: vu2003.panel.colo.transip.net

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):1,2
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/facebooklol.nl.conf)

What would you like to do?

1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for facebooklol.nl
tls-sni-01 challenge for www.facebooklol.nl
Waiting for verification…
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0004_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0004_csr-certbot.pem

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at
    /etc/letsencrypt/live/facebooklol.nl/fullchain.pem. Your cert will
    expire on 2017-05-14. To obtain a new or tweaked version of this
    certificate in the future, simply run certbot-auto again. To
    non-interactively renew all of your certificates, run
    "certbot-auto renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le


#5

OK, so you have certificates ( which is good). don’t keep running the certbot (otherwise you will reach the rate-limits)

The only issue is with your config.

so the lines causing the issue will be

Alias /php-fcgi /var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl
FastCGIExternalServer /var/lib/apache2/fastcgi/php-fcgi-facebooklol.nl \
-socket /var/run/php5-fpm-facebooklol.nl.sock \
-idle-timeout 900 \
-pass-header Authorization

You probably have these duplicated in both the facebooklol.nl.conf and the facebooklol.nl-le-ssl.conf

I’d suggest commenting that out of the ssl config for now.

then run

apachectl -t

and see what it says.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.