ybshin
November 5, 2020, 4:06am
1
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:openaccount.nhsec.co.id
I ran this command:certbot-auto, certbot --apache
It produced this output:
Error in checking parameter list:
The apache plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Apache is unable to check whether or not the module is loaded because Apache is misconfigured.')
My web server is (include version): Apache 2.2.46
The operating system my web server runs on is (include version): Centos 8.0.1905
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 1.9.0
1 Like
ybshin
November 5, 2020, 4:07am
2
Using httpd -t command the result is Okay no error but certbot can't process ....
httpd -t => Syntax OK
Here is detailed apache information
Server version: Apache/2.4.46 (centos)
Server built: Aug 12 2020 14:19:17
Server's Module Magic Number: 20120211:93
Server loaded: APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
1 Like
_az
November 5, 2020, 4:10am
3
How are you using Apache 2.2 on CentOS 8? How did you install it?
The specific command Certbot is complaining about is:
apachectl -t -D DUMP_MODULES; echo $?
1 Like
ybshin
November 5, 2020, 4:30am
4
Sorry for my mistake. the version is 2.4.46
1 Like
_az
November 5, 2020, 5:07am
5
OK, thanks.
What does the command I included in my last post show? Is the exit code zero?
1 Like
ybshin
November 5, 2020, 8:30am
6
Get '1'.
But 'httpd -t -D DUMP_MODULES; echo $?' instead above command
Get '0'
Here is loaded module list.
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
brotli_module (shared)
cache_module (shared)
cache_disk_module (shared)
cache_socache_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
macro_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
request_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_redis_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
watchdog_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_event_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_hcheck_module (shared)
proxy_scgi_module (shared)
proxy_uwsgi_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)
systemd_module (shared)
cgid_module (shared)
http2_module (shared)
proxy_http2_module (shared)
1 Like
_az
November 5, 2020, 8:46am
7
Thanks!
That apachectl
vs httpd
difference explains the Certbot error.
The version of httpd that comes from CentOS 8 base repos is 2.4.37, and apachectl
still works with that package.
It looks like with the httpd 2.4.46 package you installed from somewhere else, the apachectl
version of the command doesn't work anymore.
Can you share where you installed that version from? Maybe we can get Certbot fixed to support it as well.
In the meantime, you'll probably have to not use the Apache plugin and just use --webroot
and manually configure the certificate.
1 Like
system
Closed
December 5, 2020, 8:46am
8
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.