Conf-enabled vs sites-enabled

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
sudo certbot --authenticator webroot --installer apache

It produced this output:
It only finds and

My web server is (include version):
Apache 2.4
The operating system my web server runs on is (include version):
Debian 8
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
I have sudo on this server
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No. this server runs Nagios only, and we want to use SSL certs on it. I noticed that the server is setup to have conf-enabled instead of sites-enabled. I am not sure if that is the issue. I think it is, and I’m pretty sure they are not going to let me change that. Any ideas?


You can define the directory certbot looks for virtual hosts in with --apache-vhost-root, e.g.:

sudo certbot --authenticator webroot --installer apache --apache-vhost-root /etc/apache2/conf-enabled

Thank you. I tried that, and it still won’t pick them up. Do these vhosts require an A record?

Yes, --webroot authentication requires a running web server with an A (and/or AAAA) record pointed to it. If you need to get a certificate for a private domain name you must use the DNS TXT record authentication method instead.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.