I try to renew for my domain with Joomla. .htaccess has a www-glue and It is wierd, cause www.mokhin-tech.ru had passed, but mokhin-tech.ru hadn’t passed the verification.
My domain is:
mokhin-tech.ru
I ran this command:
./letsencrypt-auto --apache -d mokhin-tech.ru -d www.mokhin-tech.ru -d downloads.mokhin-tech.ru -d api.mokhin-tech.ru -d update.mokhin-tech.ru -d trollword.mokhin-tech.ru -d autismtest.api.mokhin-tech.ru
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mokhin-tech.ru
Waiting for verification...
Challenge failed for domain mokhin-tech.ru
http-01 challenge for mokhin-tech.ru
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: mokhin-tech.ru
Type: unauthorized
Detail: Invalid response from
http://mokhin-tech.ru/.well-known/acme-challenge/W6caR8LRTMBTWokYwzrATJRrXgKJoOnQdgBXv-W87Hg
[134.0.113.126]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
Linux 4.4.0-150-generic #176-Ubuntu SMP Wed May 29 18:56:26 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
I can login to a root shell on my machine.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
0.35.1
Hi @mokhin-denis
if the apache authenticator doesn't work, Certbot doesn't understand your configuration.
You have a lot of domains. Use these domains the same webroot / DocumentRoot?
What says
apachectl -S
VirtualHost configuration:
*:* is a NameVirtualHost
default server mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
port * namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
port * namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:1)
*:443 is a NameVirtualHost
default server api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:5)
port 443 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru-le-ssl.conf:2)
alias www.mokhin-tech.ru
port 443 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru-le-ssl.conf:2)
*:80 is a NameVirtualHost
default server mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru.conf:1)
port 80 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:4)
port 80 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru.conf:1)
port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru.conf:1)
alias www.mokhin-tech.ru
port 80 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru.conf:1)
port 80 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru.conf:1)
port 80 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="denis" id=1000
Group: name="www-data" id=33
Uh - that’s not good.
Every combination of port and domain name should be unique. There are a lot of duplicated definitions.
Make a backup. Then try to cleanup that. Remove . complete. And check the the duplicated definitions so you have to merge these in one file.
2 Likes
Thank you for your advise. Now my apachectl -S
shows this:
VirtualHost configuration:
*:443 is a NameVirtualHost
default server defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
port 443 namevhost defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default-le-ssl.conf:2)
port 443 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru-le-ssl.conf:2)
alias www.mokhin-tech.ru
port 443 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru-le-ssl.conf:2)
port 443 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru-le-ssl.conf:2)
*:80 is a NameVirtualHost
default server defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:9)
port 80 namevhost defsrv.mokhin-tech.ru (/etc/apache2/sites-enabled/000-default.conf:9)
port 80 namevhost api.mokhin-tech.ru (/etc/apache2/sites-enabled/api.mokhin-tech.ru.conf:1)
port 80 namevhost autismtest.api.mokhin-tech.ru (/etc/apache2/sites-enabled/autismtest.api.mokhin-tech.ru.conf:1)
port 80 namevhost downloads.mokhin-tech.ru (/etc/apache2/sites-enabled/downloads.mokhin-tech.ru.conf:1)
port 80 namevhost mokhin-tech.ru (/etc/apache2/sites-enabled/mokhin-tech.ru.conf:1)
alias www.mokhin-tech.ru
port 80 namevhost trollword.api.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.api.mokhin-tech.ru.conf:1)
port 80 namevhost trollword.mokhin-tech.ru (/etc/apache2/sites-enabled/trollword.mokhin-tech.ru.conf:1)
port 80 namevhost update.mokhin-tech.ru (/etc/apache2/sites-enabled/update.mokhin-tech.ru.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
Mutex mpm-accept: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="denis" id=1000
Group: name="www-data" id=33
And I’ve got new certs for all my domains and subdomains!
2 Likes
That's amazing. Happy to read that it has worked
1 Like
system
Closed
July 20, 2019, 7:10am
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.