Certbot does now know how to configure my Apache webserver

Help
1

My domain is: eclipseofbutterflies.ml

I ran this command:: sudo certbot

It produced this output: Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.

My web server is (include version): Apache/ 2.4.41

The operating system my web server runs on is (include version): Linux Mint 20.2 Uma

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is: certbot 1.17.0

Copy of let's encrypt log just in case it is needed Ubuntu Pastebin

1 Like
2

The letsencrypt.log file still shows your syntax error.. I guess it wasn't fixed after all?

2 Likes
3

It was fixed it's just that there was nothing new logged now that I look at it. atleast I think so

1 Like
4

I believe the syntax error is still there. It wouldn't make any sense for certbot to log nothing at all when it encounters a rather regular error.

1 Like
5

I use the following regular expression in my text editor when I search help-seekers' configuration files for improper characters:

[^\w \n(){}\[\]'"#\\@!$&%.^~?=;/,+\|<>*:-]
1 Like
6

@griffin If you want to take a shot at @ScarletDevil25 s Apache configuration at The error was: PluginError('There has been an error in parsing the file /etc/apache2/sites-enabled/ssl-eclipseofbutterflies.ml.conf on line 132: Syntax error') please be my guest.

2 Likes
7

I saw it, but I'm running now. :slightly_frowning_face: I'll check into it once I can.

2 Likes
8
  1. Remove the cruft.
sudo rm /etc/apache2/sites-available/ssl-eclipseofbutterflies.ml.conf
  1. Install your clean configuration file.

Download this:
ssl-eclipseofbutterflies.ml.conf.txt (1.1 KB)

Put it here:
/etc/apache2/sites-available

Run this:

sudo mv /etc/apache2/sites-available/ssl-eclipseofbutterflies.ml.conf.txt /etc/apache2/sites-available/ssl-eclipseofbutterflies.ml.conf
  1. Reload Apache.
sudo apachectl -k graceful
  1. Run certbot.
sudo certbot --apache -d "eclipseofbutterflies.ml,www.eclipseofbutterflies.ml"
1 Like
9

hmm would it be possible for me to use a wildcard with running certbot, I'll try the new config when I get home

1 Like
10

Yes. Keep in mind though that certification of a wildcard domain name can only be automated by fulfilling a dns-01 challenge via a dns-plugin whereas certification of a non-wildcard domain name can also be automated by fulfilling an http-01 challenge via the apache, nginx, webroot, or standalone authenticators.

1 Like
11

What would the command be if my DNS provider is Cloudflare.?

1 Like
12

There is a certbot dns-plugin for Cloudflare. Before you go that route though, are you intending to use Cloudflare's content delivery network (CDN) where Cloudflare acts as a reverse proxy for your webserver?

If so, I highly recommend reading how TLS/SSL works with Cloudflare:

You would probably be better off using a Cloudflare Origin CA certificate rather than a Let's Encrypt certificate.

2 Likes
13

I do use Cloudflare as a reverse proxy but I would still like to use Let's Encrypt as my cert provider for my origin server

sudo certbot --apache -d "*eclipseofbutterflies.ml" --dns-cloudflare-credentials

Would this be the correct command?

or this?

sudo certbot  --dns-cloudflare-credentials -d "*eclipseofbutterflies.ml"

I had to fix all my SSL configs apparently

1 Like
14

Are you meaning *.eclipseofbutterflies.ml ?

First, run these to install certbot-dns-cloudflare:

sudo snap install core

sudo snap refresh core

sudo snap set certbot trust-plugin-with-root=ok

sudo snap install certbot-dns-cloudflare

Then, read the certbot-dns-cloudflare instructions.

You will probably use a certbot command that will acquire your certificate via certbot-dns-cloudflare and install your certificate into Apache, like this:

sudo certbot -a dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini --dns-cloudflare-propagation-seconds 60 -d "eclipseofbutterflies.ml,*.eclipseofbutterflies.ml" -i apache
15

Interesting. my googling led me to install the plugin using python, I didn't realize there was a snap version

Running the commands give me this error, researching online it said to place the text`ini file on

/etc/letsencrypt/

image
image1177×553 20.1 KB

1 Like
16

Out of curiosity, what is the output of:

sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini --dns-cloudflare-propagation-seconds 60 -d "eclipseofbutterflies.ml,*.eclipseofbutterflies.ml" --dry-run

17

Here you go

image
image1162×159 5.96 KB

1 Like
18

Do you have the snap version of certbot installed?

19

According to snap yes but let me just remove the python version I installed and try again

1 Like
20

Make sure to run these in this order:

sudo snap install core

sudo snap refresh core

sudo snap set certbot trust-plugin-with-root=ok

sudo snap install certbot-dns-cloudflare

You need to remove ALL non-snap certbot packages first.