Could not find configuration root

hanks · June 28, 2021, 8:35am

My domain is:5x44.cn

I ran this command:certbot --apache

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError('Could not find configuration root')

/var/log/letsencrypt/letsencrypt.log ：
2021-06-28 16:01:31,956:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2021-06-28 16:01:33,524:DEBUG:certbot._internal.main:certbot version: 1.16.0
2021-06-28 16:01:33,524:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1201/bin/certbot
2021-06-28 16:01:33,524:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2021-06-28 16:01:33,524:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-06-28 16:01:33,574:DEBUG:certbot._internal.log:Root logging level set at 30
2021-06-28 16:01:33,578:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2021-06-28 16:01:34,536:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.46
2021-06-28 16:01:34,937:DEBUG:certbot._internal.plugins.disco:No installation (PluginEntryPoint#apache): Could not find configuration root
Traceback (most recent call last):
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 158, in prepare
self._initialized.prepare() # type: ignore
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 366, in prepare
self.parser = self.get_parser()
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 81, in get_parser
return CentOSParser(
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 169, in init
super().init(*args, **kwargs)
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 62, in init
self.loc = {"root": self._find_config_root()}
File "/var/lib/snapd/snap/certbot/1201/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 914, in _find_config_root
raise errors.NoInstallationError("Could not find configuration root")
certbot.errors.NoInstallationError: Could not find configuration root
2021-06-28 16:01:34,946:DEBUG:certbot._internal.plugins.selection:No candidate plugin
2021-06-28 16:01:34,946:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None

My web server is (include version):
apache 2.4.46

The operating system my web server runs on is (include version):
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 8.3.2011
Release: 8.3.2011
Codename: n/a

My hosting provider, if applicable, is:
Huawei Cloud ECS server

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.16.0

rg305 · June 28, 2021, 8:49am

Hi @hanks, and welcome to the LE community forum

Please show the output of:
apachectl -S

hanks · June 28, 2021, 9:01am

By the way, I use systemctl manage apache

*:80 www.5x44.cn (/usr/local/apache2/conf/httpd.conf:515)
ServerRoot: "/usr/local/apache2"
Main DocumentRoot: "/usr/local/apache2/htdocs"
Main ErrorLog: "/usr/local/apache2/logs/error_log"
Mutex default: dir="/usr/local/apache2/logs/" mechanism=default
PidFile: "/usr/local/apache2/logs/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=993
Group: name="apache" id=990

rg305 · June 28, 2021, 9:03am

Please show:
grep -Ei 'servername|serveralias /usr/local/apache2/conf/httpd.conf`

hanks · June 28, 2021, 9:05am

# grep -Ei 'servername|serveralias' /usr/local/apache2/conf/httpd.conf
# ServerName gives the name and port that the server uses to identify itself.
ServerName www.5x44.cn:80
     ServerName www.5x44.cn

rg305 · June 28, 2021, 9:10am

Only "www" name is seen.
That doesn't match the stated domain name:

But that might not be a problem.

certbot has a problem finding the Apache configuration.

Perhaps you could try using --webroot authentication instead.

_az · June 28, 2021, 9:19am

Certbot on CentOS assumes that you are using the httpd package, which installs itself to /etc/httpd/.

It looks possibly like you installed Apache from source, which would explain why it is instead installed to /usr/local/apache/.

Besides trying the webroot method, you can also try and pass the relevant --apache flags to Certbot, in order to point it at your Apache installation.

The flags are:

  Apache Web Server plugin

  --apache-enmod APACHE_ENMOD
                        Path to the Apache 'a2enmod' binary (default: a2enmod)
  --apache-dismod APACHE_DISMOD
                        Path to the Apache 'a2dismod' binary (default: a2dismod)
  --apache-le-vhost-ext APACHE_LE_VHOST_EXT
                        SSL vhost configuration extension (default: -le-ssl.conf)
  --apache-server-root APACHE_SERVER_ROOT
                        Apache server root directory (default: /etc/apache2)
  --apache-vhost-root APACHE_VHOST_ROOT
                        Apache server VirtualHost configuration root (default: None)
  --apache-logs-root APACHE_LOGS_ROOT
                        Apache server logs directory (default: /var/log/apache2)
  --apache-challenge-location APACHE_CHALLENGE_LOCATION
                        Directory path for challenge configuration (default: /etc/apache2)
  --apache-handle-modules APACHE_HANDLE_MODULES
                        Let installer handle enabling required modules for you (Only Ubuntu/Debian
                        currently) (default: True)
  --apache-handle-sites APACHE_HANDLE_SITES
                        Let installer handle enabling sites for you (Only Ubuntu/Debian currently)
                        (default: True)
  --apache-ctl APACHE_CTL
                        Full path to Apache control script (default: apache2ctl)
  --apache-bin APACHE_BIN
                        Full path to apache2/httpd binary (default: None)

hanks · June 29, 2021, 5:37am

I use the command:certbot certonly --webroot -w /usr/local/apache2/htdocs/www . and then? how to next?whether need config apache by hand?

rg305 · June 29, 2021, 3:41pm

Include the domain(s) that match that --webroot path.

Yes, certonly will only get a cert; we will have to manually create the vhost config to use it.

system · July 29, 2021, 3:42pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.