I have an Ubuntu LAMP server with a main domain and two sub domains. Each of the three have their own vhost file enabled.
When I try to run sudo certbot --apache I get the following error:
could not reverse map the https virtualhost to the original.
I've seen a few threads on this topic but I couldn't get any progress with their solutions because they all seem to be using CentOS. Are there specific instructions for Ubuntu? I followed these instructions: Certbot
I've added some notes that I hope can help in troublsehooting.
My domain is: davidtessier.ca
I ran this command: sudo certbot --apache
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
1: davidtessier.ca
2: notes.davidtessier.ca
3: test.davidtessier.caSelect the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):1
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/davidtessier.ca.conf)
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Could not reverse map the HTTPS VirtualHost to the original
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/davidtessier.ca/fullchain.pem. Your cert will
expire on 2017-10-04. To obtain a new or tweaked version of this
certificate in the future, simply run certbot again with the
"certonly" option. To non-interactively renew all of your
certificates, run "certbot renew"
My operating system is (include version): Ubuntu 16.04
My web server is (include version): Apache2
My hosting provider, if applicable, is: DigitalOcean LAMP droplet
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No, I use SSH terminal.
I have 3 vhost files. One for the main domain, one for each of my two subdomains.
They all look like this.
<VirtualHost *:80>
ServerAdmin support@davidtessier.ca
DocumentRoot /var/www/html #this part changes per .conf file
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
</VirtualHost>
In my apache.conf file, I have this section:
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<VirtualHost davidtessier.ca:80>
ServerName davidtessier.ca
DocumentRoot /var/www/html
</VirtualHost>
<VirtualHost notes.davidtessier.ca:80>
ServerName notes.davidtessier.ca
DocumentRoot /var/www/laverna/dist
</VirtualHost>
<VirtualHost test.davidtessier.ca:80>
ServerName test.davidtessier.ca
DocumentRoot /var/www/testlink
</VirtualHost>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>