Apache2 ulimit error (solved)


#1

Hello,
I would like to install a Letsencrypt certificate on my Apache server but I got an error.
Thank you very much for your help
Best regards
Pierre L

My domain is: searcraft.fr

I ran this command: certbot --authenticator webroot --installer apache

It produced this output:

Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

/usr/sbin/apache2ctl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.

Rolling back to previous server configuration...
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

/usr/sbin/apache2ctl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.

Encountered exception during recovery
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

/usr/sbin/apache2ctl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/error_handler.py", line 99, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 495, in _rollback_and_restart
    self.installer.restart()
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 1658, in restart
    self._reload()
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 1669, in _reload
    raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

/usr/sbin/apache2ctl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.

Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

/usr/sbin/apache2ctl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.

My web server is (include version): Apache 2.4.25

The operating system my web server runs on is (include version): Debian 9.6

My hosting provider, if applicable, is: PulseHeberg VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


#2

What kind of virtualization are you on? Is it VZ/LXC by any chance?

systemd-detect-virt
uname -a
apachectl -t
id

#3

I’m on a LXC virtual server.

root@sc002:~# systemd-detect-virt
lxc
root@sc002:~# uname -a
Linux sc002 4.15.17-1-pve #1 SMP PVE 4.15.17-9 (Wed, 9 May 2018 13:31:43 +0200) x86_64 GNU/Linux
root@sc002:~# apachectl -t
/usr/sbin/apachectl: 99: ulimit: error setting limit (Operation not permitted)
Setting ulimit failed. See README.Debian for more information.
Syntax OK
root@sc002:~# id
uid=0(root) gid=0(root) groups=0(root)
root@sc002:~#

#4

The ulimit problem is because of LXC, but I don’t think it’s actually a fatal error.

But it could be indicative of an underlying problem of too few available file descriptors. Not sure.

Could you see what /var/log/apcahe2/error_log says? That should be a lot more helpful.


#5

Ok, I have this error :

[Thu Dec 13 10:49:12.787069 2018] [ssl:emerg] [pid 10172] AH02565: Certificate and private key sc002.searcraft.fr:443:0 from /etc/ssl/certs/ssl-cert-snakeoil.pem and /etc/ssl/private/ssl-cert-snakeoil.key do not match
AH00016: Configuration Failed
[Thu Dec 13 10:49:13.032387 2018] [ssl:emerg] [pid 10179] AH02565: Certificate and private key sc002.searcraft.fr:443:0 from /etc/ssl/certs/ssl-cert-snakeoil.pem and /etc/ssl/private/ssl-cert-snakeoil.key do not match
AH00016: Configuration Failed

I moved this file from my former server, i shouldn’t have done that…


#6

Well, luckily snakesoil certificates don’t serve any important purpose and you can just re-generate them:

make-ssl-cert generate-default-snakeoil --force-overwrite

#7

Thank you very much, all is working fine now :slight_smile:
Have a great day !


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.