Cannot find Apache executable apachectl


#1

estoy instalando certbot, ayuda por favor, a continuacion el procedimiento

My domain is: ediciones.uis.edu.co

I ran this command:
./certbot-auto --apache --apache-server-root /opt/rh/httpd24/root/etc/httpd --apache-vhost-root /opt/rh/httpd24/root/etc/httpd/conf.d --apache-logs-root /opt/rh/httpd24/root/var/log/httpd --apache-challenge-location /opt/rh/httpd24/root/etc/httpd

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(‘Cannot find Apache executable apachectl’,)

letsencrypt/letsencrypt.log:
2018-10-01 17:14:55,772:DEBUG:certbot.main:certbot version: 0.27.1
2018-10-01 17:14:55,772:DEBUG:certbot.main:Arguments: [’–apache’, ‘–apache-server-root’, ‘/opt/rh/httpd24/root/etc/httpd’, ‘–apache-vhost-root’, ‘/opt/rh/httpd24/root/etc/httpd/conf.d’, ‘–apache-logs-root’, ‘/opt/rh/httpd24/root/var/log/httpd’, ‘–apache-challenge-location’, ‘/opt/rh/httpd24/root/etc/httpd’]
2018-10-01 17:14:55,772:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-10-01 17:14:55,796:DEBUG:certbot.log:Root logging level set at 20
2018-10-01 17:14:55,796:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-10-01 17:14:55,798:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2018-10-01 17:14:55,825:DEBUG:certbot.plugins.util:Failed to find executable apachectl in PATH: /usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
2018-10-01 17:14:55,825:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#apache): Cannot find Apache executable apachectl
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 132, in prepare
self._initialized.prepare()
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 232, in prepare
self._verify_exe_availability(self.option(“ctl”))
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 277, in _verify_exe_availability
‘Cannot find Apache executable {0}’.format(exe))
NoInstallationError: Cannot find Apache executable apachectl
2018-10-01 17:14:55,827:DEBUG:certbot.plugins.selection:No candidate plugin
2018-10-01 17:14:55,828:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None

My web server is (include version):
Apache24 (httpd24-httpd-devel.x86_64)

The operating system my web server runs on is (include version):
Linux red hat 7

My hosting provider, if applicable, is: uis.edu.co

I can login to a root shell on my machine (yes or no, or I don’t know):
SI


#2

Hi @jadel

you have no older Letsencrypt-certificate:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:true;include_subdomains:false;domain:ediciones.uis.edu.co&lu=cert_search

So try only

to use the interactive mode. Then certbot may ask.


#3

Hi @jadel,

Seems certbot-auto can’t find apachectl so you could add one more parameter to your certbot-auto command to specify the full path to this tool.

--apache-ctl /path/to/apachectl

Cheers,
sahsanu


#4

hello, sahsnu,

best regard,
I ran the following command:

./certbot-auto --apache --apache-server-root / opt / rh / httpd24 / root / etc / httpd --apache-vhost-root /opt/rh/httpd24/root/etc/httpd/conf.d
–apache-logs-root / opt / rh / httpd24 / root / var / log / httpd --apache-challenge-location / opt / rh / httpd24 / root / etc / httpd --apache-ctl / opt / rh / httpd24 / root / usr / sbin / apachectl

this was the result:

The apache plugin is not working; There may be problems with your existing configuration.
The error was: MisconfigurationError ('Error while running / opt / rh / httpd24 / root / usr / sbin / apachectl configtest. \ N \ nhttpd: Syntax error on line 56 of / opt / rh / httpd24 / root / etc / httpd / conf / httpd.conf: Syntax error on line 40 of /opt/rh/httpd24/root/etc/httpd/conf.modules.d/00-base.conf: Can not load modules / mod_http2.so into server: libnghttp2-httpd24 .so.14: can not open shared object file: No such file or directory \ n ',)


#5

Hello,

the execution does not work, the result is exactly the same as the first one.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot does not know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run “certbot-auto certonly” to do so. You’ll need to manually configure your web server to use the following certificate.


#6

Hi,

Do you happen to know the exact version of your httpd?

Thank you


#7

What’s the content of this file? And what says line 56?

Then deactivate your http2 - usage.

PS: You can use the certonly option to get only a certificate. Then install it manual.


#8

I’m not sure what’s going on with RHEL httpd, but it seems that there’s a “closed” bugzellia request on redhat.
https://bugzilla.redhat.com/show_bug.cgi?id=1329639

You’ll need to run
scl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl configtest instead of /opt/rh/httpd24/root/usr/sbin/apachectl configtest when invoking the ctl functions…

Thank you


#9

run the result line:

[root] scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl
httpd (pid 6464) already running


#10

Can you also please try to run / opt / rh / httpd24 / root / usr / sbin / apachectl configtest and scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl configtest ?

Thank you


#11

httpd24-httpd-devel.x86_64


#12

I do not understand, what I should do.


#13

I’m trying to reproduce the issue certbot experienced on your system…

Execute two commands on your terminal and share us the output, please.
(Please run as a root / sudo user)

  1. scl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl configtest

  2. /opt/rh/httpd24/root/usr/sbin/apachectl configtest

The two commands are the same, except the first one is a workaround with a case similar to yours in RH’s Bugzilla.

Thank you


#14

result

[root@ediciones] # scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl configtest
Syntax OK
[root@ediciones] # / opt / rh / httpd24 / root / usr / sbin / apachectl configtest
http: Syntax error on line 56 of /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf: Syntax error on line 40 of /opt/rh/httpd24/root/etc/httpd/conf.modules. d / 00-base.conf: Can not load modules / mod_http2.so into server: libnghttp2-httpd24.so.14: can not open shared object file: No such file or directory
[root @ issues Downloads] #

Thank you


#15

Hi,

Thank you for the test!
I’m now 70% sure you encountered the same bug.

Pinging @lestaff to see if they have a workaround with this bug in certbot-auto.

Thank you


#16

39 # prevent Apache from glomming onto all bound IP addresses.
40 #
41 #Listen 12.34.56.78:80
42 Listen 80
43
44 #
45 # Dynamic Shared Object (DSO) Support
46 #
47 # To be able to use the functionality of a module which was built as a DSO you
48 # have to place corresponding LoadModule' lines at this location so the 49 # directives contained in it are actually available _before_ they are used. 50 # Statically compiled modules (those listed byhttpd -l’) do not need
51 # to be loaded here.
52 #
53 # Example:
54 # LoadModule foo_module modules/mod_foo.so
55 #
56 Include conf.modules.d/*.conf
57
58 #
59 # If you wish httpd to run as a different user or group, you must run
60 # httpd as root initially and it will switch.
61 #
62 # User/Group: The name (or #number) of the user/group to run httpd as.
63 # It is usually good practice to create a dedicated user and group for
64 # running httpd, as with most system services.
65 #
66 User apache
67 Group apache
68
strong text


#17

Hi @jadel,

@stevenzhu discovered the issue so if above command works you could try to create a wrapper for that command, something like this:

echo -e '#!/bin/bash\nscl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl $@' > /opt/rh/httpd24/root/usr/sbin/apachectlwrapper
chmod 750 /opt/rh/httpd24/root/usr/sbin/apachectlwrapper

And try again your certbot command but adding that wrapper to the --apache-ctl parameter:

--apache-ctl /opt/rh/httpd24/root/usr/sbin/apachectlwrapper

Cheers,
sahsanu


#18

And what’s the content of conf.modules.d?

Perhaps there is a file with a wrong format.


#19

I can use the certonly:

[root@ediciones Descargas]# ./certbot-auto certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?


1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): /opt/rh/httpd24/root/etc/httpd/conf
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new order :: Invalid character in DNS name
Please see the logfiles in /var/log/letsencrypt for more details.


#20

This is not your domain name.

Your domain name is

ediciones.uis.edu.co

Or use

certbot-auto certonly -d ediciones.uis.edu.co

to skip that step.