Hello, I'm seeing the error described and I'm not understanding what the logs are telling me is wrong... any suggestions? Thanks!
My domain is:
dev.krobeinteractive.com
I ran this command:
sudo certbot certonly --apache
It produced this output:
(see output pasted at the end of this post)
My web server is:
Server version: Apache/2.4.6 (CentOS)
Server built: Nov 10 2021 14:26:31
The operating system my web server runs on is (include version):
CentOS Linux release 7.9.2009 (Core)
My hosting provider, if applicable, is:
Running locally on Virtualbox
I can login to a root shell on my machine:
yes
I'm using a control panel to manage my site:
no
The version of my client is:
certbot 1.22.0
Output of the command:
2022-01-10 16:03:58,305:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2022-01-10 16:03:58,784:DEBUG:certbot._internal.main:certbot version: 1.22.0
2022-01-10 16:03:58,784:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1670/bin/certbot
2022-01-10 16:03:58,784:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2022-01-10 16:03:58,784:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-01-10 16:03:58,800:DEBUG:certbot._internal.log:Root logging level set at 30
2022-01-10 16:03:58,801:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-01-10 16:03:59,023:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.6
2022-01-10 16:04:00,101:WARNING:certbot_apache._internal.configurator:Could not find ssl_module; not disabling session tickets.
2022-01-10 16:04:00,102:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f2ae9490a60>
Prep: True
2022-01-10 16:04:00,102:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f2ae9490a60>
Prep: True
2022-01-10 16:04:00,102:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f2ae9490a60> and installer <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f2ae9490a60>
2022-01-10 16:04:00,103:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2022-01-10 16:04:00,108:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/358208020', new_authzr_uri=None, terms_of_service=None), 72068b6ec0d3d8e3a51b437394c4628d, Meta(creation_dt=datetime.datetime(2022, 1, 10, 20, 41, 9, tzinfo=), creation_host='beerserver', register_to_eff='rkroboth@gmail.com'))>
2022-01-10 16:04:00,109:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-01-10 16:04:00,111:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-01-10 16:04:00,343:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2022-01-10 16:04:00,345:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 10 Jan 2022 21:04:01 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"RgedZFHhy74": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-01-10 16:04:14,023:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for dev.krobeinteractive.com
2022-01-10 16:04:14,087:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0002_key-certbot.pem
2022-01-10 16:04:14,090:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0002_csr-certbot.pem
2022-01-10 16:04:14,091:DEBUG:acme.client:Requesting fresh nonce
2022-01-10 16:04:14,091:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-01-10 16:04:14,155:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-01-10 16:04:14,155:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 10 Jan 2022 21:04:15 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0001MlsRnynC_98d4xS7MYnAIQoWie6Tjk-_Yimq1Y7Fn7s
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2022-01-10 16:04:14,155:DEBUG:acme.client:Storing nonce: 0001MlsRnynC_98d4xS7MYnAIQoWie6Tjk-_Yimq1Y7Fn7s
2022-01-10 16:04:14,156:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dev.krobeinteractive.com"\n }\n ]\n}'
2022-01-10 16:04:14,158:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzU4MjA4MDIwIiwgIm5vbmNlIjogIjAwMDFNbHNSbnluQ185OGQ0eFM3TVluQUlRb1dpZTZUamstX1lpbXExWTdGbjdzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "eZNi3CHLNeBHEVW8PWMZu_zEz3ZfZczvvEiecEt3fdryqohmGKb0dZxdLLoiubFHN_pqPzFsy7fYYN-vlTgB0zKFu4TRuYFVgnIiTxFktoRvyfcFXqKIJnd5zBZlQBb_WqToqs1t8STCaGV-FoG47GFyJFVo0Z-Hhqmo4eGPaEfrYiW9h6T73BOs0C5wRulW-EC5TMptEHe-zmcQp1qtRQaiYOZDX7BSz1FQ-7-9T3hDiinfl9eYxWOHdKKKpMrsIn8r1cazPJA2czf15iwGJRLo_rc-T_FzTE3nJ45d4TVcs_RD034ooVztS4tRQuwHJxTs4o58JTEX8UHVhz558g",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRldi5rcm9iZWludGVyYWN0aXZlLmNvbSIKICAgIH0KICBdCn0"
}
2022-01-10 16:04:14,249:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 347
2022-01-10 16:04:14,251:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Mon, 10 Jan 2022 21:04:15 GMT
Content-Type: application/json
Content-Length: 347
Connection: keep-alive
Boulder-Requester: 358208020
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/358208020/54311917630
Replay-Nonce: 0001bfRnoIpYAdSLt6HcDqKkzhEDk3xPy9gI2qRW0eRAk1M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2022-01-17T20:42:29Z",
"identifiers": [
{
"type": "dns",
"value": "dev.krobeinteractive.com"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/66963836960"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/358208020/54311917630"
}
2022-01-10 16:04:14,252:DEBUG:acme.client:Storing nonce: 0001bfRnoIpYAdSLt6HcDqKkzhEDk3xPy9gI2qRW0eRAk1M
2022-01-10 16:04:14,257:DEBUG:acme.client:JWS payload:
b''
2022-01-10 16:04:14,262:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/66963836960:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzU4MjA4MDIwIiwgIm5vbmNlIjogIjAwMDFiZlJub0lwWUFkU0x0NkhjRHFLa3poRURrM3hQeTlnSTJxUlcwZVJBazFNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My82Njk2MzgzNjk2MCJ9",
"signature": "KgC54FJUy05i7Fb693nOoqoA6mcavGipWfZ7B8PGJbILoWTiz_aZnmVFVZnYBz9CZBx7hilNZ5-UI0GTbCl2jKDCfN0DYLe3klVAR_auY30TMZJ-Qz1AbdCos1ZXXteJcXnIH024iHtzFhiLYAL-VB5ZDUUQusIWGx89xiny9xSQX8IQNutN0oz7OIODQVCnujRmg0BqS2lco_aq4NS2VWAPU5dXI1tjyHRkXYCD5EzmhsTm_ty4sIh3ZsRvwmMxIcUq-gr15uAaYt7crSC0zTvOyxMxCbAy4gDjGwUwhkg1sxGjy4-iSTbunsap2HjsBFkM68qi0rgu6BTCcLFnoQ",
"payload": ""
}
2022-01-10 16:04:14,334:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/66963836960 HTTP/1.1" 200 805
2022-01-10 16:04:14,335:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 10 Jan 2022 21:04:15 GMT
Content-Type: application/json
Content-Length: 805
Connection: keep-alive
Boulder-Requester: 358208020
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0002k4PXDDNjz8YJFBAq6P9iI83-0oXg8GrDy34QBv6EDqU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "dev.krobeinteractive.com"
},
"status": "pending",
"expires": "2022-01-17T20:42:29Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/66963836960/CigZmA",
"token": "KgBzHVBFrexxRMWUvJWcPr8O63sp_F_rVg3p0zRN_4A"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/66963836960/xx9D-A",
"token": "KgBzHVBFrexxRMWUvJWcPr8O63sp_F_rVg3p0zRN_4A"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/66963836960/S-wieQ",
"token": "KgBzHVBFrexxRMWUvJWcPr8O63sp_F_rVg3p0zRN_4A"
}
]
}
2022-01-10 16:04:14,335:DEBUG:acme.client:Storing nonce: 0002k4PXDDNjz8YJFBAq6P9iI83-0oXg8GrDy34QBv6EDqU
2022-01-10 16:04:14,335:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-01-10 16:04:14,336:INFO:certbot._internal.auth_handler:http-01 challenge for dev.krobeinteractive.com
2022-01-10 16:04:14,399:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: dev.krobeinteractive.com in: /etc/httpd/conf.d/krobe_httpd_conf/9999-krobeinteractive.com.conf
2022-01-10 16:04:14,399:DEBUG:certbot_apache.internal.http_01:writing a pre config file with text:
RewriteEngine on
RewriteRule ^/.well-known/acme-challenge/([A-Za-z0-9-=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
2022-01-10 16:04:14,399:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
<Directory /var/lib/letsencrypt/http_challenges>
Require all granted
<Location /.well-known/acme-challenge>
Require all granted
2022-01-10 16:04:14,418:DEBUG:certbot.reverter:Creating backup of /etc/httpd/conf.d/krobe_httpd_conf/9999-krobeinteractive.com.conf
2022-01-10 16:04:14,445:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 85, in handle_authorizations
resps = self.auth.perform(achalls)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 2530, in perform
http_response = http_doer.perform()
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/http_01.py", line 83, in perform
self.configurator.save("HTTP Challenge", True)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 415, in save
self.parser.save(save_files)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 191, in save
self.aug.save()
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/augeas/init.py", line 607, in save
self._raise_error(AugeasIOError, "Augeas.save() failed")
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/augeas/init.py", line 154, in _raise_error
raise errorclass(ec, fullmessage, msg, minor, details)
augeas.AugeasIOError: Augeas.save() failed: No error
2022-01-10 16:04:14,445:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-01-10 16:04:14,445:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-01-10 16:04:14,912:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/snap/certbot/1670/bin/certbot", line 8, in
sys.exit(main())
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/main.py", line 1632, in main
return config.func(config, plugins)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/main.py", line 1491, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/main.py", line 139, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/client.py", line 496, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/client.py", line 424, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/client.py", line 476, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 85, in handle_authorizations
resps = self.auth.perform(achalls)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 2530, in perform
http_response = http_doer.perform()
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/http_01.py", line 83, in perform
self.configurator.save("HTTP Challenge", True)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 415, in save
self.parser.save(save_files)
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 191, in save
self.aug.save()
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/augeas/init.py", line 607, in save
self._raise_error(AugeasIOError, "Augeas.save() failed")
File "/var/lib/snapd/snap/certbot/1670/lib/python3.8/site-packages/augeas/init.py", line 154, in _raise_error
raise errorclass(ec, fullmessage, msg, minor, details)
augeas.AugeasIOError: Augeas.save() failed: No error
2022-01-10 16:04:14,913:ERROR:certbot._internal.log:An unexpected error occurred:
2022-01-10 16:04:14,914:ERROR:certbot._internal.log:augeas.AugeasIOError: Augeas.save() failed: No error