Error: should only be one vhost in abc.domain.conf


#1

Hello,

There are four domain names on my server, and I try to config the third domain name with ssl. I run the command # certbot --authenticator webroot --installer apache and it prints output

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):3
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for abc.domain.com

Select the webroot for abc.domain.com:
-------------------------------------------------------------------------------
1: Enter a new webroot
-------------------------------------------------------------------------------
Press 1 [enter] to confirm the selection (press 'c' to cancel): 1
Input the webroot for abc.domain.com: (Enter 'c' to cancel):/srv/apps/abc/build.webpack/
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0009_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0009_csr-certbot.pem
Error: should only be one vhost in /etc/apache2/sites-available/abc.domain.conf
Currently, we only support configurations with one vhost per file

IMPORTANT NOTES:
 - Unable to install the certificate

the domain conf file abc.domain.conf

<VirtualHost *:80>
	# The ServerName directive sets the request scheme, hostname and port that
	# the server uses to identify itself. This is used when creating
	# redirection URLs. In the context of virtual hosts, the ServerName
	# specifies what hostname must appear in the request's Host: header to
	# match this virtual host. For the default virtual host (this file) this
	# value is not decisive as it is used as a last resort host regardless.
	# However, you must set it for any further virtual host explicitly.

	ServerName abc.domain.com

	ServerAdmin webmaster@abc.com
	DocumentRoot /srv/apps/abc/build.webpack/

    <Directory />
      AllowOverride all
      Require all denied
    </Directory>

    <Directory "/srv/apps/abc/build.webpack/">
       Options MultiViews FollowSymLinks
       AllowOverride all
       Require all granted
    </Directory>

    <DirectoryMatch "^/.*/\.git/">
        ErrorDocument 403 /404.html
        Order allow,deny
        Deny from all
        Satisfy All
    </DirectoryMatch>


	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
	# error, crit, alert, emerg.
	# It is also possible to configure the loglevel for particular
	# modules, e.g.
	#LogLevel info ssl:warn

	ErrorLog ${APACHE_LOG_DIR}/abc.error.log
	CustomLog ${APACHE_LOG_DIR}/abc.access.log combined

	# For most configuration files from conf-available/, which are
	# enabled or disabled at a global level, it is possible to
	# include a line for only one particular virtual host. For example the
	# following line enables the CGI configuration for this host only
	# after it has been globally disabled with "a2disconf".
	#Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

I’ve checked many times, there is ONLY one vhost in the conf file.
My OS is debian 8 and certbot 0.10.2. There is no problem on debian 9 or ubuntu. How can I fix the problem? Thanks!


#2

Hi @jacktang

is this

the standard Apache configuration? Or is this the file there?


#3

@JuergenAuer It is the sub-domain conf file. I’ve update it in the original post.


#4

Isn’t your certbot too old? If Debian 9 doesn’t have that problem?


#5

Yes, I’ve configured the same four domain names on debian 9 and ubuntu. We migrate the app to another cloud vendor and there is no debian 9 in the new cloud platform. I checked the version of certbot on ubuntu, the version is 0.26.1 How can I upgrade certbot on debian 8?


#6

Checking there:

sudo apt-get update
sudo apt-get install certbot python-certbot-apache

should do the job.


#7

I just migrated the app two days ago. And it seems that the latest version in jessie-backports is 0.10.2

$ aptitude versions certbot
Package certbot:
i   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot:
i A 0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot-apache:
i   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot-apache-doc:
p   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot-doc:
p   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot-nginx:
p   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

Package python-certbot-nginx-doc:
p   0.10.2-1~bpo8+1                                                             jessie-backports                                         100

#8

Perhaps the error message is wrong. Are there other configuration files with more then one vHost per file?

What says

/var/log/letsencrypt/letsencrypt.log

#9

the tail of /var/log/letsencrypt/letsencrypt.log

2018-10-27 13:30:04,501:DEBUG:certbot.storage:Writing certificate to /etc/letsencrypt/live/abc.domain.com/cert.pem.
2018-10-27 13:30:04,501:DEBUG:certbot.storage:Writing private key to /etc/letsencrypt/live/abc.domain.com/privkey.pem.
2018-10-27 13:30:04,502:DEBUG:certbot.storage:Writing chain to /etc/letsencrypt/live/abc.domain.com/chain.pem.
2018-10-27 13:30:04,502:DEBUG:certbot.storage:Writing full chain to /etc/letsencrypt/live/abc.domain.com/fullchain.pem.
2018-10-27 13:30:04,502:DEBUG:certbot.storage:Writing README to /etc/letsencrypt/live/abc.domain.com/README.
2018-10-27 13:30:05,555:DEBUG:certbot.storage:Writing new config /etc/letsencrypt/renewal/abc.domain.com.conf.
2018-10-27 13:30:05,557:DEBUG:certbot.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/abc.domain.com/fullchain.pem. Your cert will expire on 2019-01-25. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew"
2018-10-27 13:30:05,560:ERROR:certbot_apache.configurator:Error: should only be one vhost in /etc/apache2/sites-available/rs.domain.conf
2018-10-27 13:30:05,561:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 386, in deploy_certificate
    fullchain_path=fullchain_path)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 231, in deploy_cert
    vhost = self.choose_vhost(domain)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 325, in choose_vhost
    vhost = self.make_vhost_ssl(vhost)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 804, in make_vhost_ssl
    raise errors.PluginError("Currently, we only support "
PluginError: Currently, we only support configurations with one vhost per file

2018-10-27 13:30:05,561:DEBUG:certbot.error_handler:Calling registered functions
2018-10-27 13:30:05,562:DEBUG:certbot.reporter:Reporting to user: Unable to install the certificate
2018-10-27 13:30:05,563:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 579, in run
    lineage.chain, lineage.fullchain)
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 386, in deploy_certificate
    fullchain_path=fullchain_path)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 231, in deploy_cert
    vhost = self.choose_vhost(domain)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 325, in choose_vhost
    vhost = self.make_vhost_ssl(vhost)
  File "/usr/lib/python2.7/dist-packages/certbot_apache/configurator.py", line 804, in make_vhost_ssl
    raise errors.PluginError("Currently, we only support "
PluginError: Currently, we only support configurations with one vhost per file