Could not be found to be deleted /etc/apache2/sites-available/000-default-le-ssl.conf


#1

Hi I am not able to install the certificate on my server. It always fails with the error:

  • Could not be found to be deleted /etc/apache2/sites-available/000-default-le-ssl.conf - Certbot probably shut down unexpectedly
    An unexpected error occurred:
    StopIteration
    Please see the logfiles in /var/log/letsencrypt for more details.

The certificate is saved though.
IMPORTANT NOTES:

  • Unable to install the certificate
  • Congratulations! Your certificate and chain have been saved at:

My domain is: dev.efaith.co.in

I ran this command: sudo ./certbot-auto --apache

It produced this output:

  • Could not be found to be deleted /etc/apache2/sites-available/000-default-le-ssl.conf - Certbot probably shut down unexpectedly
    An unexpected error occurred:
    StopIteration
    Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version): Server version: Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO


#2

Here is the contents of letsencrypt.loh. Please help :frowning:

Your key file has been saved at:
/etc/letsencrypt/live/dev.efaith.co.in/privkey.pem
Your cert will expire on 2018-09-09. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the “certonly” option. To non-interactively renew all of your certificates, run “certbot renew”
2018-06-11 15:28:45,797:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 442, in deploy_certificate
fullchain_path=fullchain_path)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 302, in deploy_cert
vhosts = self.choose_vhosts(domain)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 326, in choose_vhosts
return [self.choose_vhost(domain)]
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 501, in choose_vhost
vhost = self.make_vhost_ssl(vhost)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1074, in make_vhost_ssl
self._copy_create_ssl_vhost_skeleton(nonssl_vhost, ssl_fp)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1220, in _copy_create_ssl_vhost_skeleton
ssl_vh_contents, sift = self._sift_rewrite_rules(orig_contents)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1292, in _sift_rewrite_rules
line = next(contents)
StopIteration

2018-06-11 15:28:45,797:DEBUG:certbot.error_handler:Calling registered functions
2018-06-11 15:28:45,797:WARNING:certbot.reverter:File:

  • Could not be found to be deleted /etc/apache2/sites-available/000-default-le-ssl.conf - Certbot probably shut down unexpectedly
    2018-06-11 15:28:45,798:DEBUG:certbot.reporter:Reporting to user: Unable to install the certificate
    2018-06-11 15:28:45,798:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
    File “/usr/bin/certbot”, line 11, in
    load_entry_point(‘certbot==0.22.2’, ‘console_scripts’, ‘certbot’)()
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1266, in main
    return config.func(config, plugins)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1038, in run
    _install_cert(config, le_client, domains, new_lineage)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 760, in _install_cert
    path_provider.cert_path, path_provider.chain_path, path_provider.fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot/client.py”, line 442, in deploy_certificate
    fullchain_path=fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 302, in deploy_cert
    vhosts = self.choose_vhosts(domain)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 326, in choose_vhosts
    return [self.choose_vhost(domain)]
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 501, in choose_vhost
    vhost = self.make_vhost_ssl(vhost)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1074, in make_vhost_ssl
    self._copy_create_ssl_vhost_skeleton(nonssl_vhost, ssl_fp)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1220, in _copy_create_ssl_vhost_skeleton
    ssl_vh_contents, sift = self._sift_rewrite_rules(orig_contents)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1292, in _sift_rewrite_rules
    line = next(contents)
    StopIteration
    2018-06-11 15:28:45,799:ERROR:certbot.log:An unexpected error occurred:

#3

@bmw, could you think of what circumstances could cause this?

@sourabh, could you post the complete log somewhere? It looks like the version that you posted got partially truncated.


#4

@schoen
Here is the link to complete log


#5

This might be an instance of https://github.com/certbot/certbot/issues/5255. If so, see https://github.com/certbot/certbot/issues/5255#issuecomment-346183223 for how to fix it.

If this doesn’t look applicable, can you post the full contents of the virtual host for dev.efaith.co.in?


#6

@bmw Thanks. that fixed the issue.
One more question. I had tried to install the certificate so many times, so I was getting this error:
Error creating new cert :: too many certificates already issued for exact set of domains:

Therefore I was trying to install using --staging option.
Now that it is working, How should I move to production?
installing again without --staging will work?
certbot-auto --apache?


#7

That is a correct way to use the production server, but the problem reported by the error message is real.

https://crt.sh/?Identity=%dev.efaith.co.in&iCAID=16418

In this case Certbot crashed after obtaining the certificates, so the valid certificates already do exist (and the rate limit legitimately applies to this situation). Perhaps you could use the existing valid certificates on your system. You can view the status with certbot certificates and potentially re-run just the installer with certbot install.


#8

@schoen Thank you.
I actually deleted the certificates. In the process of trying. So certbot certificates just list the test certificate
Found the following certs:
Certificate Name: dev.efaith.co.in
Domains: dev.efaith.co.in
Expiry Date: 2018-09-09 13:56:29+00:00 (INVALID: TEST_CERT)
Certificate Path: /path/to/fullchain.pem
Private Key Path: /path/to/privkey.pem

Maybe If I try after one week, I’ll be able to install?


#9

If you need to set things up sooner, you might have a backup of the private keys in /etc/letsencrypt/keys and you could get the certificates from https://crt.sh/. However, this means a lot more work on your part compared to waiting for the expiry.

Did you ever use --break-my-certs to switch from a production cert to a test cert?

There’s also an option if you have another subdomain that you could add to the certificate when reissuing (since this isn’t considered an identical certificate, it’s not affected by this particular rate limit).


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.