AWS Bitnami Wordpress Stack Error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: dextr.cloud

I ran this command: (followed instructions for ssh cert install) All worked right up to last step!

It produced this output:

IMPORTANT NOTES:
- An error occurred and we failed to restore your config and restart
your server. Please post to
https://community.letsencrypt.org/c/server-config with details
about your configuration and this error you received.

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/dextr.cloud/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/dextr.cloud/privkey.pem
    Your cert will expire on 2019-10-01. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Unbutu in an AWS EC2 AMI

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes)

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @DrVoIP

that's an old certificate.

Checking your certificates, it's created 2019-07-03 ( https://check-your-website.server-daten.de/?q=dextr.cloud#ct-logs ):

Issuer not before not after Domain names LE-Duplicate next LE
Amazon 2019-08-01 2020-09-02 dextr.cloud, www.dextr.cloud
2 entries
Let's Encrypt Authority X3 2019-07-03 2019-10-01 dextr.cloud
1 entries
Amazon 2019-07-02 2020-08-03 eu-central-1.api.dextr.cloud
1 entries
Amazon 2019-07-02 2020-08-03 us-west-2.api.dextr.cloud
1 entries
Amazon 2019-07-02 2020-08-03 ap-northeast-1.api.dextr.cloud
1 entries
Amazon 2019-07-02 2020-08-03 ap-southeast-2.api.dextr.cloud
1 entries
Amazon 2019-06-28 2020-07-29 *.api.dextr.cloud, api.dextr.cloud
2 entries
Amazon 2019-05-08 2020-06-09 *.dextr.cloud
1 entries
Let's Encrypt Authority X3 2019-05-03 2019-08-01 dextr.cloud
1 entries

Between a lot of Amazon certificates. And your configuration is blocked:

Domainname Http-Status redirect Sec. G
http://dextr.cloud/
13.52.111.14 403 0.354 M
Forbidden
http://www.dextr.cloud/
13.52.111.14 403 0.353 M
Forbidden
https://dextr.cloud/
13.52.111.14 -2 1.523 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 13.52.111.14:443
https://www.dextr.cloud/
13.52.111.14 -2 1.524 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 13.52.111.14:443
Page not found – Dextr Cloud
13.52.111.14 403 0.353 M
Forbidden
Visible Content: Forbidden You don't have permission to access /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de on this server. Apache/2.4.18 (Ubuntu) Server at dextr.cloud Port 80
Page not found – Dextr Cloud
13.52.111.14 403 0.353 M
Forbidden
Visible Content: Forbidden You don't have permission to access /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de on this server. Apache/2.4.18 (Ubuntu) Server at www.dextr.cloud Port 80

Http status 403 - Forbidden or (https) blocked.

What says

apachectl -S

Looks like your configuration is too restricted.

Thank you for the commentary. Let me take another crack at this issue description. This is a bitnami stack for a wordpress site. Bitnami creates their own little world on the server and is generally found in /opt/bitnami/Apache2 and Certbot wants to install stuff in /etc so I am wondering how others have handled this as it relates to creating cron to update the cert on an automated basis. The install took down the sever because of our ignorance and installed the cert someplace that caused a second instance of Apache to run blocking port 80 and the redirect to 443. Took some time to unravel and set the httpd.conf file to point to the cert location created by Certbot. Just looking for input from anyone who has installed on the Bitnami stack. Thnks all.

There are a lot of users with such a configuration.

Looks like you have used a completely wrong command. But your topic doesn't have informations about the certbot command you have used.

Hi @DrVoIP,

Welcome to the community forum!

Have you checked out the Bitnami - Let’s Encrypt integration documentation at https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/ ?

Thank you for the link, very informative!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.