Can somebody help me

UncleSam · May 4, 2023, 3:15am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: joomla4.mytechsite.gq

I ran this command: sudo certbot --apache

It produced this output: Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

What would you like to do?

1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Deploying certificate
Successfully deployed certificate for joomla4.mytechsite.gq to /etc/apache2/sites-enabled/joomla4.conf
Failed redirect for joomla4.mytechsite.gq
Unable to set the redirect enhancement for joomla4.mytechsite.gq.

NEXT STEPS:

The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
certbot install --cert-name joomla4.mytechsite.gq

My web server is (include version): Ubuntu 22.04 (fully updated and upgraded)

The operating system my web server runs on is (include version): Apache/2.4.52 (Ubuntu)

My hosting provider, if applicable, is: VPS Oracle

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.21.0

rg305 · May 4, 2023, 4:35am

Hi @UncleSam, and welcome to the LE community forum

You need to correct your Apache configuration.
I'd start with the output of:
sudo apachectl -t -D DUMP_VHOSTS

UncleSam · May 4, 2023, 5:12pm

OK I ran the command as you suggested and the output is as follows:

`sudo apachectl -t -D DUMP_VHOSTS`

ubuntu@instance-20230417-0416:~$ sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:443                  joomla3.mytechsite.gq (/etc/apache2/sites-enabled/joomla3b-le-ssl.conf:2)
*:80                   is a NameVirtualHost
         default server 132.145.57.84 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost 132.145.57.84 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost joomla3.mainsite.tk (/etc/apache2/sites-enabled/joomla3.conf:1)
                 alias www.joomla3.mainsite.tk
         port 80 namevhost joomla3.mytechsite.gq (/etc/apache2/sites-enabled/joomla3b.conf:1)
                 alias www.joomla3.mytechsite.gq
         port 80 namevhost joomla4.mytechsite.gq (/etc/apache2/sites-enabled/joomla4.conf:1)
                 alias www.joomla4.mytechsite.gq
         port 80 namevhost oracle.mainsite.tk (/etc/apache2/sites-enabled/oracle.conf:1)
                 alias www.oracle.mainsite.tk
         port 80 namevhost phpmyadmin.mainsite.tk (/etc/apache2/sites-enabled/phpmyadmin.conf:1)
                 alias www.phpmyadmin.mainsite.tk

Do you see anything in the above output that stands out to be the culprit.

I have quite a few subdomains on the server but for some reasons joomla3, & jooml4 are mixed up. Joomla3 works as expected but joomla4 seems to be a real problem.

The relevant sites are:

https://joomla3.mytechsite.gq
https://joomla4.mytechsite.gq
https://phpmyadmin.mainsite.tk
https://oracle.mainsite.tk

I could redo the joomla4 config but before I do I'll wait for your opinion.

Kind regards,

UncleSam · May 4, 2023, 5:16pm

Can I also mention that Joomla4 is not a risky site. It is completely blank at the moment so the warning you might get is standard Firefox warning message because there is no certificate attached yet..

https://joomla4.mytechsite.gq

Thank you.

rg305 · May 4, 2023, 5:19pm

Let's have a look at this file:

UncleSam · May 4, 2023, 5:25pm

OK here it is:

<VirtualHost *:80>
    ServerName joomla4.mytechsite.gq
    ServerAlias www.joomla4.mytechsite.gq
    ServerAdmin webmaster@mytechsite.gq
    DocumentRoot /var/www/joomla4.mytechsite.gq

    SSLEngine on
    ErrorLog ${APACHE_LOG_DIR}/joomla4-error.log
    CustomLog ${APACHE_LOG_DIR}/joomla4-access.log combined

    <Directory /var/www/joomla4.mytechsite.gq>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>

	<IfModule dir_module>
    	# DirectoryIndex index.php index.html index.shtml default.html main.html
	</IfModule>

	DirectoryIndex index.php index.html index.shtml default.html main.html

</VirtualHost>

MikeMcQ · May 4, 2023, 5:34pm

You should remove that. VirtualHosts for port 80 do not handle SSL

I don't know that it will fix the problem but it is wrong and unusual to see.

Once removed try this from the error message

UncleSam · May 4, 2023, 5:44pm

No luck. This is what I get:

ubuntu@instance-20230417-0416:~$ sudo systemctl reload apache2
ubuntu@instance-20230417-0416:~$ sudo certbot install --cert-name joomla4.mytechsite.gq
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Deploying certificate
Could not install certificate
Could not reverse map the HTTPS VirtualHost to the original
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
ubuntu@instance-20230417-0416:~$

rg305 · May 4, 2023, 6:01pm

Please show this file:
/etc/apache2/sites-enabled/joomla3b-le-ssl.conf

UncleSam · May 4, 2023, 6:11pm

Here it is:

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName joomla3.mytechsite.gq
    ServerAlias www.joomla3.mytechsite.gq
    ServerAdmin webmaster@mytechsite.gq
    DocumentRoot /var/www/joomla3.mytechsite.gq
    ErrorLog ${APACHE_LOG_DIR}/joomla3b-error.log
    CustomLog ${APACHE_LOG_DIR}/joomla3b-access.log combined

    <Directory /var/www/joomla3.mytechsite.gq>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>

	<IfModule dir_module>
    	# DirectoryIndex index.php index.html index.shtml default.html main.html
	</IfModule>

	DirectoryIndex index.php index.html index.shtml default.html main.html


SSLCertificateFile /etc/letsencrypt/live/joomla3.mytechsite.gq/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/joomla3.mytechsite.gq/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

This file was created automatically by certbot so I know I can't change it. Joomla3 works OK as far as I can see.

Joomla4 had a previous certicate by zeroSSL but I have revoked it. It still shows here for some reasons:

For joomla3, there are only the correct entries here:

I know I made a real hash by not selecting both J3 and J4 at the time os certificate issuance but now how do I reverse the error.

Thanks for your persevering on this.

UncleSam · May 4, 2023, 6:17pm

This might be a better output:

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName joomla3.mytechsite.gq
    ServerAlias www.joomla3.mytechsite.gq
    ServerAdmin webmaster@mytechsite.gq
    DocumentRoot /var/www/joomla3.mytechsite.gq
    ErrorLog ${APACHE_LOG_DIR}/joomla3b-error.log
    CustomLog ${APACHE_LOG_DIR}/joomla3b-access.log combined

    <Directory /var/www/joomla3.mytechsite.gq>
        Options -Indexes +FollowSymLinks
        AllowOverride All
    </Directory>

	<IfModule dir_module>
    	# DirectoryIndex index.php index.html index.shtml default.html main.html
	</IfModule>

	DirectoryIndex index.php index.html index.shtml default.html main.html


SSLCertificateFile /etc/letsencrypt/live/joomla3.mytechsite.gq/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/joomla3.mytechsite.gq/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

MikeMcQ · May 4, 2023, 6:47pm

The best output is to use 3 backticks before and after the Apache config like
```
apache config
```

Use the same 3 backtick method to show results of this

sudo certbot certificates

rg305 · May 4, 2023, 6:51pm

Depending on the output of:
certbot certificates
you may be able to copy the file:
/etc/apache2/sites-enabled/joomla3b-le-ssl.conf
as:
/etc/apache2/sites-available/joomla4-le-ssl.conf
[then edit the new file and change the "3"s/"3b"s to "4"s]
and then enable it and restart Apache.

UncleSam · May 4, 2023, 7:24pm

Done it and it works. Thank you very much indeed. Now I can document the entire process for future reference.

UncleSam · May 4, 2023, 7:27pm

Just to test your suggestion of 3 dots I am posting this but it is not really part of the solution or question:

Found the following certs:
  Certificate Name: joomla3.mytechsite.gq
    Serial Number: 342cde912c824e8d72e6b825d62a8c28e90
    Key Type: RSA
    Domains: joomla3.mytechsite.gq
    Expiry Date: 2023-08-02 01:22:08+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/joomla3.mytechsite.gq/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/joomla3.mytechsite.gq/privkey.pem
  Certificate Name: joomla4.mytechsite.gq
    Serial Number: 4fb6c0868fad4ad922e628d361990033e89
    Key Type: RSA
    Domains: joomla4.mytechsite.gq
    Expiry Date: 2023-08-02 01:29:20+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/joomla4.mytechsite.gq/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/joomla4.mytechsite.gq/privkey.pem

Hope it does show as proper unformatted quote.

UncleSam · May 4, 2023, 7:35pm

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: joomla3.mytechsite.gq
    Serial Number: 342cde912c824e8d72e6b825d62a8c28e90
    Key Type: RSA
    Domains: joomla3.mytechsite.gq
    Expiry Date: 2023-08-02 01:22:08+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/joomla3.mytechsite.gq/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/joomla3.mytechsite.gq/privkey.pem
  Certificate Name: joomla4.mytechsite.gq
    Serial Number: 4fb6c0868fad4ad922e628d361990033e89
    Key Type: RSA
    Domains: joomla4.mytechsite.gq
    Expiry Date: 2023-08-02 01:29:20+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/joomla4.mytechsite.gq/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/joomla4.mytechsite.gq/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

UncleSam · May 4, 2023, 7:38pm

It seems to work. The term backticks might be new to some but it is on a key on the left of number 1 on my keyboard.

FYI for new users here.

MikeMcQ · May 4, 2023, 8:35pm

It is actually 3 backticks but you are right we don't need that info anymore. Thanks

Number one google search result for backtick

system · June 3, 2023, 8:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.