Cannot find Apache executable apachectl

estoy instalando certbot, ayuda por favor, a continuacion el procedimiento

My domain is: ediciones.uis.edu.co

I ran this command:
./certbot-auto --apache --apache-server-root /opt/rh/httpd24/root/etc/httpd --apache-vhost-root /opt/rh/httpd24/root/etc/httpd/conf.d --apache-logs-root /opt/rh/httpd24/root/var/log/httpd --apache-challenge-location /opt/rh/httpd24/root/etc/httpd

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(‘Cannot find Apache executable apachectl’,)

letsencrypt/letsencrypt.log:
2018-10-01 17:14:55,772:DEBUG:certbot.main:certbot version: 0.27.1
2018-10-01 17:14:55,772:DEBUG:certbot.main:Arguments: [’–apache’, ‘–apache-server-root’, ‘/opt/rh/httpd24/root/etc/httpd’, ‘–apache-vhost-root’, ‘/opt/rh/httpd24/root/etc/httpd/conf.d’, ‘–apache-logs-root’, ‘/opt/rh/httpd24/root/var/log/httpd’, ‘–apache-challenge-location’, ‘/opt/rh/httpd24/root/etc/httpd’]
2018-10-01 17:14:55,772:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-10-01 17:14:55,796:DEBUG:certbot.log:Root logging level set at 20
2018-10-01 17:14:55,796:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-10-01 17:14:55,798:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2018-10-01 17:14:55,825:DEBUG:certbot.plugins.util:Failed to find executable apachectl in PATH: /usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
2018-10-01 17:14:55,825:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#apache): Cannot find Apache executable apachectl
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 132, in prepare
self._initialized.prepare()
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 232, in prepare
self._verify_exe_availability(self.option(“ctl”))
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 277, in _verify_exe_availability
‘Cannot find Apache executable {0}’.format(exe))
NoInstallationError: Cannot find Apache executable apachectl
2018-10-01 17:14:55,827:DEBUG:certbot.plugins.selection:No candidate plugin
2018-10-01 17:14:55,828:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None

My web server is (include version):
Apache24 (httpd24-httpd-devel.x86_64)

The operating system my web server runs on is (include version):
Linux red hat 7

My hosting provider, if applicable, is: uis.edu.co

I can login to a root shell on my machine (yes or no, or I don’t know):
SI

Hi @jadel

you have no older Letsencrypt-certificate:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:true;include_subdomains:false;domain:ediciones.uis.edu.co&lu=cert_search

So try only

to use the interactive mode. Then certbot may ask.

Hi @jadel,

Seems certbot-auto can’t find apachectl so you could add one more parameter to your certbot-auto command to specify the full path to this tool.

--apache-ctl /path/to/apachectl

Cheers,
sahsanu

hello, sahsnu,

best regard,
I ran the following command:

./certbot-auto --apache --apache-server-root / opt / rh / httpd24 / root / etc / httpd --apache-vhost-root /opt/rh/httpd24/root/etc/httpd/conf.d
–apache-logs-root / opt / rh / httpd24 / root / var / log / httpd --apache-challenge-location / opt / rh / httpd24 / root / etc / httpd --apache-ctl / opt / rh / httpd24 / root / usr / sbin / apachectl

this was the result:

The apache plugin is not working; There may be problems with your existing configuration.
The error was: MisconfigurationError ('Error while running / opt / rh / httpd24 / root / usr / sbin / apachectl configtest. \ N \ nhttpd: Syntax error on line 56 of / opt / rh / httpd24 / root / etc / httpd / conf / httpd.conf: Syntax error on line 40 of /opt/rh/httpd24/root/etc/httpd/conf.modules.d/00-base.conf: Can not load modules / mod_http2.so into server: libnghttp2-httpd24 .so.14: can not open shared object file: No such file or directory \ n ',)

Hello,

the execution does not work, the result is exactly the same as the first one.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot does not know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run “certbot-auto certonly” to do so. You’ll need to manually configure your web server to use the following certificate.

Hi,

Do you happen to know the exact version of your httpd?

Thank you

What's the content of this file? And what says line 56?

Then deactivate your http2 - usage.

PS: You can use the certonly option to get only a certificate. Then install it manual.

I’m not sure what’s going on with RHEL httpd, but it seems that there’s a “closed” bugzellia request on redhat.
https://bugzilla.redhat.com/show_bug.cgi?id=1329639

You’ll need to run
scl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl configtest instead of /opt/rh/httpd24/root/usr/sbin/apachectl configtest when invoking the ctl functions…

Thank you

run the result line:

[root] scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl
httpd (pid 6464) already running

Can you also please try to run / opt / rh / httpd24 / root / usr / sbin / apachectl configtest and scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl configtest ?

Thank you

httpd24-httpd-devel.x86_64

I do not understand, what I should do.

I’m trying to reproduce the issue certbot experienced on your system…

Execute two commands on your terminal and share us the output, please.
(Please run as a root / sudo user)

1. scl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl configtest

2. /opt/rh/httpd24/root/usr/sbin/apachectl configtest

The two commands are the same, except the first one is a workaround with a case similar to yours in RH’s Bugzilla.

Thank you

result

[root@ediciones] # scl enable httpd24 - / opt / rh / httpd24 / root / usr / sbin / apachectl configtest
Syntax OK
[root@ediciones] # / opt / rh / httpd24 / root / usr / sbin / apachectl configtest
http: Syntax error on line 56 of /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf: Syntax error on line 40 of /opt/rh/httpd24/root/etc/httpd/conf.modules. d / 00-base.conf: Can not load modules / mod_http2.so into server: libnghttp2-httpd24.so.14: can not open shared object file: No such file or directory
[root @ issues Downloads] #

Thank you

Hi,

Thank you for the test!
I’m now 70% sure you encountered the same bug.

Pinging @lestaff to see if they have a workaround with this bug in certbot-auto.

Thank you

39 # prevent Apache from glomming onto all bound IP addresses.
40 #
41 #Listen 12.34.56.78:80
42 Listen 80
43
44 #
45 # Dynamic Shared Object (DSO) Support
46 #
47 # To be able to use the functionality of a module which was built as a DSO you
48 # have to place corresponding LoadModule' lines at this location so the 49 # directives contained in it are actually available _before_ they are used. 50 # Statically compiled modules (those listed byhttpd -l’) do not need
51 # to be loaded here.
52 #
53 # Example:
54 # LoadModule foo_module modules/mod_foo.so
55 #
56 Include conf.modules.d/*.conf
57
58 #
59 # If you wish httpd to run as a different user or group, you must run
60 # httpd as root initially and it will switch.
61 #
62 # User/Group: The name (or #number) of the user/group to run httpd as.
63 # It is usually good practice to create a dedicated user and group for
64 # running httpd, as with most system services.
65 #
66 User apache
67 Group apache
68
strong text

Hi @jadel,

@stevenzhu discovered the issue so if above command works you could try to create a wrapper for that command, something like this:

echo -e '#!/bin/bash\nscl enable httpd24 -- /opt/rh/httpd24/root/usr/sbin/apachectl $@' > /opt/rh/httpd24/root/usr/sbin/apachectlwrapper
chmod 750 /opt/rh/httpd24/root/usr/sbin/apachectlwrapper

And try again your certbot command but adding that wrapper to the --apache-ctl parameter:

--apache-ctl /opt/rh/httpd24/root/usr/sbin/apachectlwrapper

Cheers,
sahsanu

And what's the content of conf.modules.d?

Perhaps there is a file with a wrong format.

I can use the certonly:

[root@ediciones Descargas]# ./certbot-auto certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): /opt/rh/httpd24/root/etc/httpd/conf
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new order :: Invalid character in DNS name
Please see the logfiles in /var/log/letsencrypt for more details.

This is not your domain name.

Your domain name is

ediciones.uis.edu.co

Or use

certbot-auto certonly -d ediciones.uis.edu.co

to skip that step.