Certbot Usage and old version

Heiko1 · February 1, 2018, 6:26pm

Hello,
sorry for not using the template. I haven’t used certbot for a few months. Today i wanted to create an cert. for my ssl connection, but it doesn’t work. Last time I just used “certbot” then i selected my apache2 vhost (port 80), then it asked me wehter i want to use it easy or secured. Then i select secure and thats it. But now it just doesn’t work on this way. What do I have to do if i want use it like this. Or how can I use it like this. I already read this https://certbot.eff.org/#debianstretch-apache
but it doesn’t help ME. I am a bit desperate now and i just want to get it running.

Hope anyone can help me.

-Heiko

mnordhoff · February 1, 2018, 6:40pm

What version of Certbot is it?

What error message is it returning?

If it's a version of Certbot before 0.21.0 and it's saying "Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.", older versions of the Apache plugin used TLS-SNI validation, which is being phased out. You would need to upgrade Certbot, or run a slightly different command.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

Heiko1 · February 1, 2018, 6:57pm

My domain is:
I ran this command: certbot

It produced this output: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

after I choosed my vhost

My web server is (include version): apache2 version 2.4.25

The operating system my web server runs on is (include version): Debian 9 Stretch Debian 9.3

My hosting provider, if applicable, is: Its a VPS at Contabo

I can login to a root shell on my machine (yes or no, or I don’t know): Yes I can login with root

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I use Webmin 1.870 to manage my vhosts

mhh hope this will help you

schoen · February 1, 2018, 6:58pm

Please see the thread at

which @mnordhoff has mentioned above. This describes the reason for this problem and a potential solution to it.

Heiko1 · February 1, 2018, 7:13pm

I read it. I have to run “certbot --authenticator standalone --installer apache” if im right.
But it gives me out this after i choosed my vhost:

Problem binding to port 80: Could not bind to IPv4 or IPv6.

mnordhoff · February 1, 2018, 7:32pm

What if you use “webroot” instead of “standalone”?

The standalone authenticator won’t work while Apache is running.

Heiko1 · February 1, 2018, 7:45pm

It asked me wich webroot i want to use. I can select “Enter a new Webroot” only. What kind of information do I have to enter?

Heiko1 · February 1, 2018, 7:47pm

wow it still works. Thank you very much you fkn genius <3

system · March 3, 2018, 7:47pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.