I'm running OpenSuse with Apache and have just installed certbot to get SSL running on my web server.
NAME=openSUSE
VERSION="13.2 (Harlequin)"
First installation failed and I got this error:
Cannot find a cert or key directive in /files/etc/apache2/vhosts.d/vhost-ssl.conf/IfDefine/IfDefine/VirtualHost. VirtualHost was not modified
Unable to find cert and/or key directives
I then manually edited the vhost-ssl.conf file and added:
SSLCertificateFile, SSLCertificateKeyFile,SSLCertificateChainFile to point to the files certbot generated.
Saved and restarted apache and SSL is now working.
Now trying the
certbot-auto renew --dry-run
But this causes apache2 to fail and I have to start it up manually.
Feb 25 16:09:37 suse systemd[1]: apache2.service: main process exited, code=exited, status=1/FAILURE
Feb 25 16:09:38 suse start_apache2[14704]: AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
Feb 25 16:09:38 suse start_apache2[14704]: AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
Feb 25 16:09:38 suse start_apache2[14704]: httpd (pid 14550?) not running
Feb 25 16:09:38 suse systemd[1]: Unit apache2.service entered failed state.
vhost-ssl.conf:
<IfDefine SSL>
<IfDefine !NOSSL>
<VirtualHost _default_:443>
# General setup for the virtual host
DocumentRoot "/srv/www/vhosts/blog"
ServerName blog.gjmccarthy.co.uk
ErrorLog /var/log/apache2/blog.gjmccarthy.co.uk-ssl-error_log
TransferLog /var/log/apache2/blog.gjmccarthy.co.uk-ssl-access_log
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
SSLEngine on
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /etc/letsencrypt/live/blog.gjmccarthy.co.uk/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/blog.gjmccarthy.co.uk/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/blog.gjmccarthy.co.uk/chain.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /var/log/apache2/ssl_request_log ssl_combined
</VirtualHost>
</IfDefine>
</IfDefine>
Any ideas why this is happening? Let me know what other info I should provide.