service httpd start
Starting httpd: [Thu Sep 15 20:47:23 2016] [warn] NameVirtualHost *:443 has no VirtualHosts
[Thu Sep 15 20:47:23 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
(98)Address already in use: make_sock: could not bind to address [::]:443
[ OK ]
> httpd -S
> [Thu Sep 15 20:48:48 2016] [warn] NameVirtualHost *:443 has no VirtualHosts
> [Thu Sep 15 20:48:48 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
> VirtualHost configuration:
> wildcard NameVirtualHosts and _default_ servers:
> *:443 is a NameVirtualHost
> default server vpsxxx.ovh.net (/etc/httpd/vhosts/00defaultSSL.conf:2)
> port 443 namevhost vpsxxx.ovh.net (/etc/httpd/vhosts/00defaultSSL.conf:2)
> alias example.com
> alias www.example.com
> port 443 namevhost vpsxxx.ovh.net (/etc/httpd/vhosts/defaultSSL.conf:2)
> alias example.com
> alias www.example.com
> *:80 is a NameVirtualHost
> default server vpsxxx.ovh.net (/etc/httpd/vhosts/00default.conf:2)
> port 80 namevhost vpsxxx.ovh.net (/etc/httpd/vhosts/00default.conf:2)
> port 80 namevhost vpsxxx.ovh.net (/etc/httpd/vhosts/default.conf:2)
> port 80 namevhost www.example.com (/etc/httpd/vhosts/example.com.conf:1)
> alias example.com
> port 80 namevhost mail.example.com (/etc/httpd/vhosts/example.com.conf:29)
> port 80 namevhost sql.example.com (/etc/httpd/vhosts/example.com.conf:48)
> Syntax OK
> grep -r "SSLCertificateFile" /etc/httpd/
> /etc/httpd/vhosts/defaultSSL.conf: SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
> /etc/httpd/conf.d/ssl.conf.dist:# Point SSLCertificateFile at a PEM encoded certificate. If
> /etc/httpd/conf.d/ssl.conf.dist:SSLCertificateFile /etc/pki/tls/certs/localhost.crt
> /etc/httpd/conf.d/ssl.conf.dist:# the referenced file can be the same as SSLCertificateFile
Looks like there’s another process that’s currently occupying port 443. You can use netstat -tulpn | grep :443 to check which process is currently listening on that port. Further steps depend on the result - if it’s apache, I’d probably try killing the process and then trying service httpd start again.
Thanks for your reply.
I’ve reinstalled my vps and started over, but now when I run > ./letsencrypt-auto --apache -d your_domain.tld it gives me this error: “We were unable to find a vhost with a ServerName or Address of domain.com”. It only lists default.conf and defaultSSL.conf.
Would you mind sharing your apache config? Specifically the file that includes ServerName domain.com (I assume your configuration has that line - otherwise, that’s what the client is complaining about ).
[Fri Sep 16 20:16:29 2016] [warn] NameVirtualHost *:443 has no VirtualHosts
[Fri Sep 16 20:16:29 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
Syntax OK
You’ll probably need to modify the mentioned ssl.conf (or defaultSSL.conf? not sure where that’s coming from) to include ServerName domain.com in the <VirtualHost> in that file.
I’ve added ServerName mysite.com to defaultSSL.conf then ran ./letsencrypt-auto --apache -d mysite.com and this time it worked : Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/…
But the the site is not reachable now.
How exactly is your site failing right now? Can you connect via HTTP? Does the HTTPS connection not work in general, or do you get some specific error message? Could a firewall be interfering?
<VirtualHost *:80>
ServerAdmin postmaster@vpsxxx.ovh.net #SuexecUserGroup ovh users
DocumentRoot /home/ovh/www
<Directory “/home/ovh/www”>
Order allow,deny
Allow from all
ServerName vpsxxx.ovh.net
CustomLog logs/ovh-access_log combined
ScriptAlias /cgi-bin/ /home/ovh/cgi-bin/
<Directory “/home/ovh/cgi-bin”>
Order allow,deny
Allow from all
suPHP_Engine On
suPHP_AddHandler x-httpd-php
suPHP_UserGroup ovh users
AddHandler x-httpd-php .php
What’s the output of netstat -tulpn | grep :80? Anything in your apache error log? Are you certain this is not firewall-related? (did HTTP work prior to this?)
That implies apache is not running at all. Did you see any error output when you ran letsencrypt-auto? The client would've restarted apache while configuring SSL, and if apache failed to start, there should be some kind of output.
What happens when you try to run service httpd start?
service httpd start
Starting httpd: [Fri Sep 16 21:11:37 2016] [warn] NameVirtualHost *:443 has no VirtualHosts
[Fri Sep 16 21:11:37 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
(98)Address already in use: make_sock: could not bind to address [::]:443
[ OK ]
What’s the output of netstat -tulpn | grep :443? This is the error you had initially with the previous guide, so I suspect you’re accidentally running some other service on port 443.
Hmm, I wonder if this could be caused by multiple Listen directives with the same port. Can you run grep -ri listen /etc/httpd? If this shows more than one result with “Listen 443”, remove all but one.
grep -ri listen /etc/httpd
/etc/httpd/conf/httpd.conf.dist:# Listen: Allows you to bind Apache to specific IP addresses and/or
/etc/httpd/conf/httpd.conf.dist:# Change this to Listen on specific IP addresses as shown below to
/etc/httpd/conf/httpd.conf.dist:#Listen 12.34.56.78:80
/etc/httpd/conf/httpd.conf.dist:Listen 80
/etc/httpd/conf/httpd.conf:# Listen: Allows you to bind Apache to specific IP addresses and/or
/etc/httpd/conf/httpd.conf:# Change this to Listen on specific IP addresses as shown below to
/etc/httpd/conf/httpd.conf:#Listen 12.34.56.78:80
/etc/httpd/conf/httpd.conf:Listen 80
/etc/httpd/conf/httpd.conf:Listen 443
/etc/httpd/conf.d/ssl.conf:# When we also provide SSL we have to listen to the
/etc/httpd/conf.d/ssl.conf:Listen 443
/etc/httpd/conf.d/ssl.conf.dist:# When we also provide SSL we have to listen to the
/etc/httpd/conf.d/ssl.conf.dist:Listen 443
).