I was following the commands listed on Certbot’s website for CentOS 6 which is what we are running and after downloading and changing permissions it keeps on erroring when I try to run the program.
I ran this command: sudo env PATH=$PATH:/usr/local/apache/bin/apachectl ./certbot-auto --apache certonly
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Failed to find executable apachectl in PATH: /usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/jdk/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/jdk/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/jdk/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/jdk/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/cpanel/composer/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/usr/local/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/usr/local/apache/bin/apachectl
Could not choose appropriate plugin: The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError('Cannot find Apache control command apachectl',)
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError('Cannot find Apache control command apachectl',)
The operating system my web server runs on is (include version): CentOS 6.8
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): cPanel
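The PATH printed in the error output above ends in /usr/local/apache/bin/apachectl, which is the executable itself; PATH entries are searched as directories, so that entry can never match. An added example (not part of the original post or of Certbot; the audit_path function and the demo tree are hypothetical) that flags such entries:

```shell
#!/bin/sh
# audit_path CMD PATH_STRING
#   Prints one line per PATH entry that cannot be searched, then where CMD
#   resolves. Returns 0 if CMD is found through a directory entry, else 1.
audit_path() {
    cmd=$1 path=$2 status=1
    old_ifs=$IFS; IFS=:
    set -f                      # no globbing while splitting on ':'
    for entry in $path; do
        if [ -z "$entry" ]; then
            echo "EMPTY: empty entry means the current directory"
        elif [ -f "$entry" ]; then
            # The mistake in the post: a file was appended, not its directory.
            echo "FILE: $entry is a file; use ${entry%/*} instead"
        elif [ ! -d "$entry" ]; then
            echo "MISSING: $entry"
        elif [ "$status" -ne 0 ] && [ -f "$entry/$cmd" ] && [ -x "$entry/$cmd" ]; then
            echo "FOUND: $entry/$cmd"
            status=0
        fi
    done
    set +f; IFS=$old_ifs
    return "$status"
}

# Constructed demo: a throwaway tree standing in for /usr/local/apache/bin.
demo=$(mktemp -d)
mkdir -p "$demo/apache/bin"
printf '#!/bin/sh\n' > "$demo/apache/bin/apachectl"
chmod +x "$demo/apache/bin/apachectl"
echo "-- file appended, as in the post:"
audit_path apachectl "/usr/bin:$demo/apache/bin/apachectl" || echo "apachectl not resolvable"
echo "-- directory appended:"
audit_path apachectl "/usr/bin:$demo/apache/bin"
rm -rf "$demo"
```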
If you are using cPanel, certbot may not be the best choice for you (as a host).
Because cPanel/WHM provides AutoSSL, which you can enable and let it automatically obtain certificates (and install them). You can also choose from the cPanel CA or the LE CA.
Thank you
P.S. I’m trying to find out why your command encounters this issue… but it might be due to cPanel’s configuration. Will update after I’m done searching.
I should have mentioned, I am using certbot/letsencrypt because I need a wildcard certificate, which is not compatible with AutoSSL (or so I have been told).
That's true. AutoSSL uses the Let's Encrypt API v1, hence wildcards are not supported.
Also, I'm not sure why you use the Apache plugin for certbot.
Since Let's Encrypt wildcard certificates use DNS-01 validation, it has nothing to do with Apache. (cPanel doesn't allow installing the certificate from the command line.)
Can you try just running sudo ./certbot-auto certonly, or manual if you don't have a DNS API set up (automation)?
Just a P.S. (maybe a fancy advertisement...): I remember someone in our forum developed a plugin called fleetssl, which supports Let's Encrypt V2. You might want to check that out (to save you from entering the command line, passing validation, grabbing the certificate, etc.).
Are you the same person as @mypleasure? If you are, @stevenzhu's point about wildcards is still very important—the certbot-auto --apache command can't obtain wildcards under any circumstances. This is true for all currently-released versions of Certbot. So even if you deal with all other problems, your current strategy will not get you a wildcard.
Only authentication using the DNS-01 method is approved by Let's Encrypt for wildcard issuance, and Certbot's --apache doesn't support that method at all. So I don't think that looking any further into Certbot's Apache integration will be useful for wildcard issuance.
If you're not the same person as @mypleasure, could you please start a separate forum thread for your question?
I'll comment on your Apache-related points below in case you're a different person who does want to continue down the --apache path, but a separate forum thread will be more appropriate in that case. Thanks!
This looks like a pre-existing Apache warning unrelated to Certbot that has to do with Apache's multithreading configuration (related to how it will handle multiple simultaneous connections). This isn't a certificate-related or Certbot-related error (and won't stop Certbot from being able to obtain a certificate).
The first of these is an executable program, while the second is a man page which would be displayed by man 8 apachectl.
How did you try to run it, and what result did you see?