Certbot does not find my virtual host in macOS

During my certbot setup an error pops up, that I dont understand.

Via DUMP_VHOSTS i can see that my port 80 virtual host is set up, but the certbot does not find this vhost:

% httpd -D DUMP_VHOSTS       
VirtualHost configuration:
*:80                   host.diresquirrel.selfhost.eu (/private/etc/apache2/extra/httpd-vhosts.conf:23)
*:443                  host.diresquirrel.selfhost.eu (/private/etc/apache2/extra/httpd-vhosts.conf:31)
% sudo certbot --apache      
Password:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
ssl_module is statically linked but --apache-bin is missing; not disabling session tickets.
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): host.diresquirrel.selfhost.eu
Requesting a certificate for host.diresquirrel.selfhost.eu
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

What can I do to make certbot find my vhost?

My web server is (include version):
Server version: Apache/2.4.46 (Unix)

The operating system my web server runs on is (include version):
macOS Big Sur 11.5.1

My hosting provider, if applicable, is:
my local machine + selfhost.de DynDNS

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.18.0

Hi @ignite,

Would you please be able to share how you installed Apache on this server? It would help us track down what's going with issues that some users are reporting on Big Sur.

In the meantime, you may need to use certbot certonly --webroot.

I did not install Apache manually - I think it's the default apache installation of Big Sur - or does it come with Xcode? All I did was modifying the up the configs a bit (e.g. to set up local sites and the vhosts).

<VirtualHost *:80>
    DocumentRoot "/Library/WebServer/Documents/Default"
    ServerName host.diresquirrel.selfhost.eu
    ErrorLog "/private/var/log/apache2/host.diresquirrel.selfhost.eu-error_log"
    CustomLog "/private/var/log/apache2/host.diresquirrel.selfhost.eu-access_log" common
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot "/Library/WebServer/Documents/Secure"
    ServerName host.diresquirrel.selfhost.eu
    ErrorLog "/private/var/log/apache2/host.diresquirrel.selfhost.eu-error_log"
    CustomLog "/private/var/log/apache2/host.diresquirrel.selfhost.eu-access_log" common
</VirtualHost>

Try a dry-run first:

certbot certonly \
--webroot -w /Library/WebServer/Documents/Default \
-d host.diresquirrel.selfhost.eu \
--dry-run

Because port 80 doesn't seem to be open:

curl -Iki host.diresquirrel.selfhost.eu
curl: (56) Recv failure: Connection reset by peer

And you may need to fix that first.

I changed my dynDNS provider (to http://diresquirrel.dynv6.net) but the port forwarding is not running properly, yet. I'll get back here as soon as that works.

@ignite, if you're still having trouble here and would like to use certbot --apache instead of certbot certonly --webroot, run brew uninstall --ignore-dependencies augeas && brew install augeas --head assuming you installed Certbot with Homebrew . See Investigate Apache plugin issues on Big Sur · Issue #8978 · certbot/certbot · GitHub for more info.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.