Cannot renew on Joomla

I try to renew for my domain with Joomla. .htaccess has a www-glue and It is wierd, cause www.mokhin-tech.ru had passed, but mokhin-tech.ru hadn’t passed the verification.

My domain is:
mokhin-tech.ru

I ran this command:
./letsencrypt-auto --apache -d mokhin-tech.ru -d www.mokhin-tech.ru -d downloads.mokhin-tech.ru -d api.mokhin-tech.ru -d update.mokhin-tech.ru -d trollword.mokhin-tech.ru -d autismtest.api.mokhin-tech.ru

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mokhin-tech.ru
Waiting for verification...
Challenge failed for domain mokhin-tech.ru
http-01 challenge for mokhin-tech.ru
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mokhin-tech.ru
   Type:   unauthorized
   Detail: Invalid response from
   http://mokhin-tech.ru/.well-known/acme-challenge/W6caR8LRTMBTWokYwzrATJRrXgKJoOnQdgBXv-W87Hg
   [134.0.113.126]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
Linux 4.4.0-150-generic #176-Ubuntu SMP Wed May 29 18:56:26 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

I can login to a root shell on my machine.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
0.35.1

Hi @mokhin-denis

if the apache authenticator doesn’t work, Certbot doesn’t understand your configuration.

You have a lot of domains. Use these domains the same webroot / DocumentRoot?

What says

apachectl -S
VirtualHost configuration:
*:*                    is a NameVirtualHost
         default server mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
         port * namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
         port * namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:1)
*:443                  is a NameVirtualHost
         default server api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:5)
         port 443 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru-le-ssl.conf:2)
                 alias www.mokhin-tech.ru
         port 443 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru-le-ssl.conf:2)
*:80                   is a NameVirtualHost
         default server mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru.conf:1)
         port 80 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:4)
         port 80 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru.conf:1)
         port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru.conf:1)
                 alias www.mokhin-tech.ru
         port 80 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru.conf:1)
         port 80 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru.conf:1)
         port 80 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="denis" id=1000
Group: name="www-data" id=33

Uh - that’s not good.

Every combination of port and domain name should be unique. There are a lot of duplicated definitions.

Make a backup. Then try to cleanup that. Remove . complete. And check the the duplicated definitions so you have to merge these in one file.

2 Likes

Thank you for your advise. Now my apachectl -S shows this:

VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
         port 443 namevhost defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
         port 443 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru-le-ssl.conf:2)
                 alias www.mokhin-tech.ru
         port 443 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru-le-ssl.conf:2)
         port 443 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru-le-ssl.conf:2)
*:80                   is a NameVirtualHost
         default server defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:9)
         port 80 namevhost defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:9)
         port 80 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru.conf:1)
         port 80 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:1)
         port 80 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru.conf:1)
         port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru.conf:1)
                 alias www.mokhin-tech.ru
         port 80 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru.conf:1)
         port 80 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru.conf:1)
         port 80 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="denis" id=1000
Group: name="www-data" id=33

And I’ve got new certs for all my domains and subdomains!

2 Likes

That’s amazing. Happy to read that it has worked :+1:

1 Like