Automating certbot (issuing) on apache for multiple domains from script

My domain is: onethread16.co.uk (various)

I ran this command: sudo certbot --apache --non-interactive --agree-tos --email andre@onethread.co.za -d $DOMAIN_NAME

It produced this output:

Nov 14 15:12:01 ***: The apache plugin is not working; there may be problems with your existing configuration.
Nov 14 15:12:01 ***: The error was: MisconfigurationError("Error while running apache2ctl configtest.\nAction 'configtest' failed.\nThe Apache error log may have more information.\n\nAH00526: Syntax error on line 21 of /etc/apache2/sites-enabled/onethread16.co.uk.conf:\nSSLCertificateFile: file '/etc/letsencrypt/live/onethread16.co.uk/fullchain.pem' does not exist or is empty\n")

My web server is (include version): Apache/2.4.52 (Debian)

The operating system my web server runs on is (include version): Debian GNU/Linux 11 (bullseye)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0

I'm trying to automate running certbot from a script that runs as a user that is part of a 'webadmin' group. I have given the user permission to run certbot without password but it does not appear to create the certificate files. I've tried various different approaches including creating the directories for it, modifying permissions etc. but I suspect I might be barking up the wrong tree, given my script causes that 'The apache plugin is not working; there may be problems with your existing configuration.' error my script generates.

With this example above, the script had created a config file ( /etc/apache2/sites-available/onethread16.co.uk.conf ) with

Include   /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile  /etc/letsencrypt/live/onethread16.co.uk/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/onethread16.co.uk/privkey.pem

Your script shouldn't generate references to files that don't exist yet. At least, that's what I think is happening. Unfortunately that's just a guess, because I don't know what your script looks like.

By the way, if you're using certbot with the --apache plugin, why would your script need to add those references itself? Certbot should do it for you. My advice would be to just let Certbot do all the Apache reconfiguration.

3 Likes
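
The failure in this thread (a vhost that references certificate files which have not been issued yet, so `apache2ctl configtest` fails before the apache plugin can run) can be detected before certbot is called. The following is an added example, not code from either poster; the function names and the `APACHE_SITES` variable are assumptions, and it only inspects `*.conf` files directly inside the given directory.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight check for a script that
# automates `certbot --apache`. Function names and APACHE_SITES are assumptions.
: "${APACHE_SITES:=/etc/apache2/sites-enabled}"

# Print one line per SSLCertificateFile / SSLCertificateKeyFile directive that
# points at a missing or empty file, the condition behind the AH00526 error.
find_missing_cert_refs() {
    for conf in "$1"/*.conf; do
        [ -f "$conf" ] || continue
        # Directive names are case-insensitive; commented lines have "#" as $1.
        awk 'tolower($1) ~ /^sslcertificate(key)?file$/ {
                 gsub(/"/, "", $2); print FNR, $1, $2
             }' "$conf" |
        while read -r lineno directive path; do
            [ -s "$path" ] ||
                printf '%s:%s: %s %s (missing or empty)\n' \
                    "$conf" "$lineno" "$directive" "$path"
        done
    done
}

# issue_cert DOMAIN EMAIL: refuse to call certbot while configtest would fail.
issue_cert() {
    bad=$(find_missing_cert_refs "$APACHE_SITES")
    if [ -n "$bad" ]; then
        echo "Not running certbot; remove these references first:" >&2
        echo "$bad" >&2
        return 1
    fi
    # Same invocation as in the question; certbot adds the SSL directives.
    sudo certbot --apache --non-interactive --agree-tos --email "$2" -d "$1"
}
```

A generated vhost that passes this check contains no SSL directives until certbot has written them, which matches the advice in the reply above.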
