AWS Lightsail - Letsencrypt install fail

My domain is: justfauxfundecor.com

I ran this command: $ sudo /opt/bitnami/ctl script.sh start

It produced this output: Starting services..
Job for bitnami.service failed because the control process exited with error code.
See "systemctl status bitnami.service" and "journalctl -xe" for details.

My web server is (include version): ?

The operating system my web server runs on is (include version): Linux ip-172-26-6-234 4.19.0-18-cloud-amd64 #1 SMP Debian 4.19.208-1 (2021-09-29) x86_64 GNU/Linux

My hosting provider, if applicable, is: AWS Lightsail

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

I was following this AWS Lightsail guide on setting up Let's Encrypt. Everything went mostly smooth until the last part, restarting ctlscript.

When I run sudo /opt/bitnami/ctlscript.sh start I receive the following error:
Starting services..
Job for bitnami.service failed because the control process exited with error code.mi/certs
See "systemctl status bitnami.service" and "journalctl -xe" for details.

systemctl status bitnami service gives me this output:

 bitnami.service - LSB: bitnami init script
   Loaded: loaded (/etc/init.d/bitnami; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Fri 2022-02-04 21:58:51 UTC; 1min 3s ago
  Process: 26726 ExecStart=/etc/init.d/bitnami start (code=exited, status=1/FAILURE)
    Tasks: 58 (limit: 2373)pt/bitnami/apache2/conf/servert.crt.old
   Memory: 622.6M
   CGroup: /system.slice/bitnami.service
           ├─ 2226 /opt/bitnami/gonit/bin/gonitpt/bitnami/apache2/conf/server.key.old
           ├─23986 php-fpm: master process (/opt/bitnami/php/etc/php-fpm.conf)
           ├─23990 php-fpm: pool www
           ├─23991 php-fpm: pool www
           ├─23992 php-fpm: pool www
           ├─23993 php-fpm: pool wwwrtificates/DOMAIN.crt
           ├─23994 php-fpm: pool wwwrtificates/DOMAIN.key
           ├─23995 php-fpm: pool wwwhe2/conf/
           ├─23996 php-fpm: pool www
           ├─23997 php-fpm: pool wwwver.key.old   unicode.mapping
           ├─23998 php-fpm: pool wwwvert.crt.old  vhosts
           ├─23999 php-fpm: pool wwwache2/conf/server.crt.old
           ├─24000 php-fpm: pool www
           ├─24001 php-fpm: pool wwwver.crt.old  unicode.mapping
           ├─24002 php-fpm: pool wwwver.key.old  vhosts
           ├─24003 php-fpm: pool www$DOMAIN/privkey.pem /opt/bitnami/apache2/
           ├─24004 php-fpm: pool www
           ├─24005 php-fpm: pool www$DOMAIN/fullchain.pem /opt/bitnami/apache
           ├─24006 php-fpm: pool www
           ├─24007 php-fpm: pool wwwrt
           ├─24008 php-fpm: pool www
           ├─24009 php-fpm: pool www
           └─24021 /opt/bitnami/mariadb/sbin/mysqld --defaults-file=/opt/bitnami/mari

Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: SSLCertificateFile: file '/opt/bitnam
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: 2022-02-04T21:58:51.835Z - error: Unaicates
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO 
lines 1-35

journalctl -xe gives me this output:

bitnami@ip-172-26-6-234:/opt/bitnami/apache/conf/bitnami/certs$ journalctl -xe
Feb 04 21:58:50 ip-172-26-6-234 bitnami[26726]: 2022-02-04T21:58:50.589Z - info: Performing service start operation for php
Feb 04 21:58:50 ip-172-26-6-234 bitnami[26726]: php 21:58:50.99 INFO  ==> php-fpm is already running
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: 2022-02-04T21:58:51.003Z - info: Performing service start operation for mariadb
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: mariadb 21:58:51.39 INFO  ==> mariadb is already running
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: 2022-02-04T21:58:51.392Z - info: Performing service start operation for apache
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: AH00526: Syntax error on line 4 of /opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf:
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: SSLCertificateFile: file '/opt/bitnami/apache/conf/bitnami/certs/server.crt' does not exist or is empty
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: 2022-02-04T21:58:51.835Z - error: Unable to perform start operation Export start for apache failed with exit code 1
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO ## Running /opt/bitnami/var/init/post-start/010_bitnami_agent_extra...
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO ## Running /opt/bitnami/var/init/post-start/020_bitnami_agent...
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO ## Running /opt/bitnami/var/init/post-start/030_update_welcome_file...
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO ## Running /opt/bitnami/var/init/post-start/040_bitnami_credentials_file...
Feb 04 21:58:51 ip-172-26-6-234 bitnami[26726]: ## 2022-02-04 21:58:51+00:00 ## INFO ## Running /opt/bitnami/var/init/post-start/050_clean_metadata...
Feb 04 21:58:51 ip-172-26-6-234 sudo[26717]: pam_unix(sudo:session): session closed for user root
Feb 04 21:58:51 ip-172-26-6-234 systemd[1]: bitnami.service: Control process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- An ExecStart= process belonging to unit bitnami.service has exited.
-- 
-- The process' exit code is 'exited' and its exit status is 1.
Feb 04 21:58:51 ip-172-26-6-234 systemd[1]: bitnami.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- The unit bitnami.service has entered the 'failed' state with result 'exit-code'.
Feb 04 21:58:51 ip-172-26-6-234 systemd[1]: Failed to start LSB: bitnami init script.
-- Subject: A start job for unit bitnami.service has failed
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- A start job for unit bitnami.service has finished with a failure.
-- 
-- The job identifier is 2414 and the job result is failed.
Feb 04 21:59:02 ip-172-26-6-234 dhclient[462]: PRC: Renewing lease on eth0.
Feb 04 21:59:02 ip-172-26-6-234 dhclient[462]: XMT: Renew on eth0, interval 10570ms.
Feb 04 21:59:02 ip-172-26-6-234 dhclient[462]: RCV: Reply message on eth0 from fe80::469:5eff:fedb:5bd9.
Feb 04 22:00:12 ip-172-26-6-234 dhclient[462]: PRC: Renewing lease on eth0.
Feb 04 22:00:12 ip-172-26-6-234 dhclient[462]: XMT: Renew on eth0, interval 9270ms.
Feb 04 22:00:12 ip-172-26-6-234 dhclient[462]: RCV: Reply message on eth0 from fe80::469:5eff:fedb:5bd9.
Feb 04 22:01:22 ip-172-26-6-234 dhclient[462]: PRC: Renewing lease on eth0.
Feb 04 22:01:22 ip-172-26-6-234 dhclient[462]: XMT: Renew on eth0, interval 10290ms.
Feb 04 22:01:22 ip-172-26-6-234 dhclient[462]: RCV: Reply message on eth0 from fe80::469:5eff:fedb:5bd9.

I'm not sure where things went wrong.
systemctl says CertificateFile: file '/opt/bitnami/apache/conf/bitnami/certs/server.crt' does not exist or is empty
I don't understand why that would be. I've searched and found that some said there was a typo in the AWS guide where DOMAIN should be $DOMAIN. I redid that process but no change. I also requested a new cert and now my certs are
justfauxfundecor.com/privkey2.pem & justfauxfundecor.com/fullchain2.pem in /etc/letsencrypt/live/$DOMAIN/

My site is down now, I've been trying for hours to go over the steps to see what went wrong but can't figure it out. I appreciate any help.
Thanks!

Please forget that tutorial, uninstall certbot, and follow the other tutorial using bncert.

Thanks for the quick reply. I've uninstalled certbot. Do I need to remove the DNS TXT records I created?

I launched bncert but I've got a similar error:

--------------------------------------------------------------------------- subgid
Welcome to the Bitnami HTTPS Configuration tool.

Bitnami installation directory

Please type a directory that contains a Bitnami installation. The default
installation directory for Linux installers is a directory inside /opt.

Bitnami installation directory [/opt/bitnami]:

Warning: The web server configuration check failed. Please fix the configuration
error:
AH00526: Syntax error on line 4 of
/opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf:
SSLCertificateFile: file '/opt/bitnami/apache/conf/bitnami/certs/server.crt'
does not exist or is empty

Is there something I can do to reset/fix whatever seems to be wrong with my SSL cert?

Restore what you modified following the first (horrid) tutorial.

Your Apache config is referring to some files that don't currently exist. I can tell you how to make the configuration valid but I don't know what bncert is expecting after.

Unfortunately I don't think I really know what or where it went wrong. Following the previous guide, it had me mv and ln certs to different folders. I've tried copying them back but for some reason both the key/cert files are empty. I looked up how to create a SSL for Apache but that also gives me errors.

sudo openssl genrsa -out /opt/bitnami/apache/conf/bitnami/
certs/server.key 2048
genrsa: Can't open "/opt/bitnami/apache/conf/bitnami/certs/server.key" for writing, N
o such file or directory

The only thing I can think of is destroying the Lightsail instance and starting over with bncert. I don't know if that's the right decision or not.

If you haven't invested a lot of time in it, it could be. But it can be problematic if you issued several certificates.

If it still complains about missing certificates, just edit the apache config and comment out the lines referring to them. (put a # at the beginning of the line)

Those (mis)guides are to blame.

After deleting the AWS Lightsail instance, the new bncert tool was much easier. I'm not sure why AWS still has the certbot guide still posted.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.