Good morning. I have tried to get Let’s Encrypt SSLs via Certbot three times with three different server installs running every possible recommended configuration I can imagine or find via web.
I have tried using the various solutions given in here for the same error including creating my own example-ssl.conf files w/symlinks resulting in the inability for apache to restart. I am out of options… thus the need to create a new thread.
I ran this command: sudo certbot --apache
It produced this output:
Could not reverse map the HTTPS VirtualHost to the original
IMPORTANT NOTES:
Unable to install the certificate
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/getcastlerock.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/getcastlerock.com/privkey.pem
My web server is (include version): Apache/2.4.34 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 18.10 (Cosmic Cuttlefish)
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
I’m about to wipe this server and start over. I’m just guessing that the problem I’m having has something to do with the fact I’m using Ubuntu 18.10 or that I did a quick LAMP install with unknown tasksel configurations (or a combination thereof).
Can anyone give me some last thoughts or advice on this? I’m surprised I have not received more responses for support / troubleshooting.
The problem was that in sites-enabled/mysite.com (or in another one, or in htaccess too) there was a forced redirection from the non-HTTPS to the HTTPS version (using RewriteRule ^ ..... ). So, while the site is still not using HTTPS, that forced redirection causes the problem; comment out those lines before your site has SSL.
You have one certificate with three domains and six domain names.
That may be part of the problem.
The easier situation:
One port 80 vHost per domain.
One certificate per domain with non-www and www, so Certbot can create one vHost per domain.
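The forced HTTP-to-HTTPS redirect named above as a cause of this error can be checked for before running Certbot. The following is an added example, not code from any poster in this thread or from Certbot; the function name `find_forced_https` and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample of a port-80 vhost; names and paths are placeholders.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
    # Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
    ServerName example.com
    Redirect permanent /old https://example.com/new
</VirtualHost>
"""

VHOST_OPEN = re.compile(r"^\s*<VirtualHost\s+([^>]+)>", re.IGNORECASE)
VHOST_CLOSE = re.compile(r"^\s*</VirtualHost>", re.IGNORECASE)
# mod_rewrite and mod_alias directives whose arguments include an https:// URL.
TO_HTTPS = re.compile(
    r"^\s*(RewriteRule|Redirect(?:Match|Permanent|Temp)?)\b.*https://", re.IGNORECASE)


def find_forced_https(conf_text, htaccess=False):
    """Return [(line_no, directive)] for uncommented redirects to https://.

    Only port-80 <VirtualHost> blocks are checked; with htaccess=True the
    whole text is checked, since .htaccess files have no vhost wrapper.
    """
    hits, in_scope = [], htaccess
    for number, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directives are inactive
        opened = VHOST_OPEN.match(line)
        if opened:
            in_scope = any(a.endswith(":80") for a in opened.group(1).split())
        elif VHOST_CLOSE.match(line):
            in_scope = htaccess
        elif in_scope and TO_HTTPS.match(line):
            hits.append((number, line.strip()))
    return hits


if __name__ == "__main__":
    for number, directive in find_forced_https(SAMPLE_CONF):
        print(f"line {number}: {directive}")
```

Run it over the text of each file in sites-enabled; an empty result means no active redirect of this kind is present in the port-80 vhosts.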
“There are other threads with the same message.”
Again, I have read these other threads and they are either non applicable to my setup/configuration or I tried to replicate their solutions without success. The Digital Ocean thread you quoted is not applicable as my VirtualHost config already has all RewriteRules commented out. Please correct me if I am wrong on this.
“You have one certificate with three domains and six domain names.”
I selected all 6 domains as per instructions… why would only one certificate have been created? Again, why did Certbot not create -ssl.conf files for each domain… for any domain?
“One port 80 vHost per domain.
One certificate per domain with non-www and www, so Certbot can create one vHost per domain.”
I have a separate port 80 VirtualHost .conf file for each domain.
-rw-r--r-- 1 root root 1083 Apr 29 09:49 getcastlerock.conf
-rw-r--r-- 1 root root 1069 Apr 29 09:48 tokolyphoto.conf
-rw-r--r-- 1 root root 510 Apr 26 17:28 truxitup.conf
Each website is live and running.
I am admittedly new to this and would appreciate any further elaboration on your above suggestions. What am I missing?
Result:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Could not reverse map the HTTPS VirtualHost to the original
IMPORTANT NOTES:
Unable to install the certificate
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/truxitup.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/truxitup.com/privkey.pem
Your cert will expire on 2019-07-29. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
I have decided to wipe the server and start over with Ubuntu 18.04 LTS. I will update this thread once I am up and running… hopefully with a better outcome.