Automatic renewal broken after ubuntu upgrade to 20.4. No virtual hosts on port 80?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ngberger.com

I ran this command:certbot renew -v

It produced this output: Renewing for jitsi.ngberger.com and 3 more domains ... Failed to renew with error ... Unable to find virtual host listening on port 80 which is currently needed for certbot to prove to the CA tthat you control the domain. Please add a virtual host for port 80. All renewals failed. The following certificates could not be renewed: /etc/letsencrypt/live/jitsi.ngberger.com/fullchain.pem /etc/letsencrypt/live/ngberger.com/fullchain.pem

My web server is (include version): apache2

The operating system my web server runs on is (include version): Ubuntu 20.4.2

My hosting provider, if applicable, is: self-hosted

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.16.0

After upgrading from 16.04 to 18.04 and then 20.04 apache and mysql broke. I managed to get apache to serve again, but mysql won't install either so the site with the LMS is not working properly as can be seen on-line. jitsi.ngberger.com has been removed as an application on the server and is currently not needed. Also there is no virtual host in sites-available for this.
Can anybody advise on how to get certificate renewed for starters? Any help is much appreciated
Norbert Berger

Upgrading multiple versions in one go can certainly be an adventure :laughing:.

What's the output of this command:

sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:

*:443 is a NameVirtualHost

default server media.ngberger.com (/etc/apache2/sites-enabled/mediangberger.com-le-ssl.conf:2)

port 443 namevhost media.ngberger.com (/etc/apache2/sites-enabled/mediangberger.com-le-ssl.conf:2)

alias media.ngberger.com

port 443 namevhost ngberger.com (/etc/apache2/sites-enabled/ngberger.com-le-ssl.conf:2)

alias www.ngberger.com

Hi Az,

Thanks for looking into this. Yes, it was a bit thoughtless. It is not my mains site, but I would still like to restore the database and keep things going.

Norbert

1 Like

I think to get this working again, you'll just need to create some port 80 VirtualHosts in Apache. I suspect you used to have them, but they somehow got destroyed during your upgrades.

One basic fix you could try is to create /etc/apache2/sites-enabled/ngberger.com.conf with these contents:

<VirtualHost *:80>
    ServerName ngberger.com
    ServerAlias www.ngberger.com
    RewriteEngine on
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

and try the renewal again.

1 Like

Hi Az,

That seems to have done the trick. Many thanks.

Norbert

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.