Can not register certificate

My domain is: khongcotien.top

I ran this command: certbot --apache

It produced this output:

[root@oneview ~]# certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?

1: khongcotien.top

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for khongcotien.top

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: khongcotien.top
Type: unauthorized
Detail: Invalid response from http://khongcotien.top/.well-known/acme-challenge/dx2866V-KHOTSTaUqKfLe4S7p9zqyBGCgSAow1_y5fE [134.209.32.26]: "\n\n\n\n\n\n\n\n\n<html lang="en">\n\n\n\n <meta charset="utf-8">\n <meta http-equiv="X-UA-Compatible" content="IE=edge">\n <met"

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.

My web server is (include version):

Server version: Apache/2.4.6 (CentOS)
Server built: Nov 10 2021 14:26:31

The operating system my web server runs on is (include version):
Centos 7

My hosting provider, if applicable, is:pavietnam.vn

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

certbot 1.22.0

Regards,
Tuan Phan

Hi @tuanphanvn and welcome to the LE community forum

It seems that the certbot --apache plugin is unable to correctly decipher the configuration.
Let's see if we can help untangle some of whatever is confusing certbot, with the output of:
apachectl -t -D DUMP_VHOSTS

Also, Apache/2.4.6 is quite old - can you update that?

Here is the output of apachectl:

[root@oneview ~]# apachectl -t -D DUMP_VHOSTS
Passing arguments to httpd using apachectl is no longer supported.
You can only start/stop/restart httpd using this script.
If you want to pass extra arguments to httpd, edit the
/etc/sysconfig/httpd config file.
[root@oneview ~]# apachectl -t -D khongcotien.top
Passing arguments to httpd using apachectl is no longer supported.
You can only start/stop/restart httpd using this script.
If you want to pass extra arguments to httpd, edit the
/etc/sysconfig/httpd config file.

There is no much information.

I am checking if we can upgrade Apache to latest version.

[root@oneview yum.repos.d]# yum install httpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile

• base: centos.mirror.constant.com
• epel: d2lzkl7pfhq30w.cloudfront.net
• extras: mirrors.advancedhosters.com
• updates: centos.mirror.constant.com
  droplet-agent | 3.3 kB 00:00:00
  Package httpd-2.4.6-97.el7.centos.2.x86_64 already installed and latest version
  Nothing to do

One more thing, I checked on let's Debug. It is all ok yesterday but now I got this failed for option: TLS-ALPN-01.

IssueFromLetsEncrypt

ERROR

A test authorization for khongcotien.top to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.

Connection refused

I updated to latest version

[root@oneview yum.repos.d]# httpd -v
Server version: Apache/2.4.52 (codeit)
Server built: Dec 20 2021 11:29:54
[root@oneview yum.repos.d]#

Redirecting to /bin/systemctl restart httpd.service
[root@oneview yum.repos.d]# apachectl -t -D DUMP_VHOSTS
[root@oneview yum.repos.d]# apachectl -t -D khongcotien.top
[root@oneview yum.repos.d]# certbot --apache

Try:
apachectl -S

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.