My domain is: wealthychef.net
I ran this command:
certbot-auto --apache
It produced the below output. The logfile output is also useful and included below. It’s looong. But I think it’s important to include it all.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
1: wealthychef.net
2: blog.wealthychef.net
3-5: (redacted)
6: www.wealthychef.net
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/wealthychef.net.conf)
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
Keeping the existing certificate
Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
An unexpected error occurred:
ValueError: Unable to set value to path!
Please see the logfiles in /var/log/letsencrypt for more details.
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/wealthychef.net/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/wealthychef.net/privkey.pem
Your cert will expire on 2019-05-01. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again with the “certonly” option. To non-interactively renew all
of your certificates, run “certbot-auto renew”
Here are the logfile contents, which I have to paste because I’m not allowed to upload attachments, apologies:
2019-01-31 00:49:49,180:DEBUG:certbot.main:certbot version: 0.30.2
2019-01-31 00:49:49,181:DEBUG:certbot.main:Arguments: [’–apache’]
2019-01-31 00:49:49,181:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-01-31 00:49:49,198:DEBUG:certbot.log:Root logging level set at 20
2019-01-31 00:49:49,198:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-01-31 00:49:49,199:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2019-01-31 00:49:49,309:DEBUG:certbot_apache.configurator:Apache version is 2.4.10
2019-01-31 00:49:49,855:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_debian.DebianConfigurator object at 0x7f4936c09d90>
Prep: True
2019-01-31 00:49:49,856:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_apache.override_debian.DebianConfigurator object at 0x7f4936c09d90> and installer <certbot_apache.override_debian.DebianConfigurator object at 0x7f4936c09d90>
2019-01-31 00:49:49,856:INFO:certbot.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2019-01-31 00:49:49,861:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None, external_account_binding=None), uri=u’https://acme-v02.api.letsencrypt.org/acme/acct/50584716’, new_authzr_uri=None, terms_of_service=None), 7e4ec05be372a305649db45f54356b9a, Meta(creation_host=u’linode.richcook.net’, creation_dt=datetime.datetime(2019, 1, 31, 7, 45, 18, tzinfo=)))>
2019-01-31 00:49:49,863:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-01-31 00:49:49,865:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2019-01-31 00:49:49,998:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 “GET /directory HTTP/1.1” 200 658
2019-01-31 00:49:49,999:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 31 Jan 2019 08:49:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 31 Jan 2019 08:49:49 GMT
Connection: keep-alive
{
“BEQZQaQMJsQ”: “Adding random entries to the directory”,
“keyChange”: “https://acme-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
“letsencrypt.org”
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”,
“website”: “https://letsencrypt.org”
},
“newAccount”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-v02.api.letsencrypt.org/acme/new-order”,
“revokeCert”: “https://acme-v02.api.letsencrypt.org/acme/revoke-cert”
}
2019-01-31 00:50:01,970:INFO:certbot.renewal:Cert not yet due for renewal
2019-01-31 00:50:14,133:INFO:certbot.main:Keeping the existing certificate
2019-01-31 00:50:14,134:DEBUG:certbot.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/wealthychef.net/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/wealthychef.net/privkey.pem
Your cert will expire on 2019-05-01. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the “certonly” option. To non-interactively renew all of your certificates, run “certbot-auto renew”
2019-01-31 00:50:14,148:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,157:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,284:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,285:INFO:certbot_apache.override_debian:Enabling available site: /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,315:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,457:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,492:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,642:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,680:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,840:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:14,884:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:15,065:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/wealthychef.net-le-ssl.conf
2019-01-31 00:50:15,151:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py”, line 516, in deploy_certificate
fullchain_path=fullchain_path)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 334, in deploy_cert
vhosts = self.choose_vhosts(domain)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 358, in choose_vhosts
return [self.choose_vhost(domain, create_if_no_ssl)]
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 542, in choose_vhost
self._add_servername_alias(target_name, vhost)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1449, in _add_servername_alias
self.parser.add_dir(vh_path, “ServerAlias”, target_name)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/parser.py”, line 329, in add_dir
self.aug.set(aug_conf_path + “/directive[last() + 1]”, directive)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/augeas.py”, line 187, in set
raise ValueError(“Unable to set value to path!”)
ValueError: Unable to set value to path!
2019-01-31 00:50:15,151:DEBUG:certbot.error_handler:Calling registered functions
2019-01-31 00:50:15,152:DEBUG:certbot.reporter:Reporting to user: Unable to install the certificate
2019-01-31 00:50:15,153:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1364, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1125, in run
_install_cert(config, le_client, domains, new_lineage)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 759, in _install_cert
path_provider.cert_path, path_provider.chain_path, path_provider.fullchain_path)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py”, line 516, in deploy_certificate
fullchain_path=fullchain_path)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 334, in deploy_cert
vhosts = self.choose_vhosts(domain)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 358, in choose_vhosts
return [self.choose_vhost(domain, create_if_no_ssl)]
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 542, in choose_vhost
self._add_servername_alias(target_name, vhost)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 1449, in _add_servername_alias
self.parser.add_dir(vh_path, “ServerAlias”, target_name)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/parser.py”, line 329, in add_dir
self.aug.set(aug_conf_path + “/directive[last() + 1]”, directive)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/augeas.py”, line 187, in set
raise ValueError(“Unable to set value to path!”)
ValueError: Unable to set value to path!
2019-01-31 00:50:15,153:ERROR:certbot.log:An unexpected error occurred:
(EOF)
My web server is (include version):
Package: apache2 2.4.10-10+deb8u13
The operating system my web server runs on is (include version):
Debian 8 Jesse
My hosting provider, if applicable, is:
linode
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.30.2
. Looks like Certbot is not managing to properly understand your Apache configuration.