Does not renew (apache) certificates


#1

Hello,

though the renewal worked several times already in the past, it now stopped working. Not sure what the problem really is. I have all certificates (from last renewal) and don’t want that letsencrypt does anything with my existing apache2 installation. The server hosts a number of domains, all of them are vhosts and so far everything worked fine.

./letsencrypt-auto renew gives me something like this:
Checking for new version...Requesting root privileges to run letsencrypt…
/root/.local/share/letsencrypt/bin/letsencrypt renew
-------------------------------------------------------------------------------Processing /etc/letsencrypt/renewal/griesser2.de-0001.conf
------------------------------------------------------------------------------- 2016-05-03 22:10:55,795:WARNING:letsencrypt.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/mydomain1.conf produced an unexpected error: Failed to run Apache plugin non-interactively Missing command line flag or config entry for this setting: We were unable to find a vhost with a ServerName or Address of dom99.com. Which virtual host would you like to choose? (note: conf files with multiple vhosts are not yet supported) Choices: ['dom2.conf | | HTTPS | ', 'dom3.conf | Multiple Names | | Enabled', 'dom4.conf | Multiple Names | | Enabled', 'dom5.conf | Multiple Names | | Enabled', 'dom6.conf | Multiple Names | | Enabled'] (The best solution is to add ServerName or ServerAlias entries to the VirtualHost directives of your apache configuration files.). Skipping.
All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/domain1/fullchain.pem (failure) 1 renew failure(s), 0 parse failure(s)

The dom99.com exists. Apache works fine (for all domains). So I’m not really sure what to do. I can post more logs/configs. I also tried “certonly” (failed as well).

My guess is, that others have this problem too and maybe can give me a hint.

Thanks a lot for your support!
Cheers from Vienna,
Georg


For all of those running multiple sites and having stress with renewals
#2

This is a recent change in the letsencrypt client. The documentation has always stated that it does not support multiple vhosts per file. But it worked anyway until the latest version. Essentially, you have to separate your apache site config files so there is one per vhost. So for example.com, you’d have one for example.com-80.conf and example.com-443.conf in order to support both http and https. I know it’s a pain, but it’s the workaround. And from the discussions I’ve been a part of, I doubt they are going to fix it, so it’s the only solution you have.


#3

Thanks a lot - this was the solution! It works perfectly now.

All the best and cheers from Vienna,
Georg


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.