Error: should only be one vhost in /etc/apache2


#1

Hi Lets Encrypt Team,

I have a few of vhosts config files in two of them I configured 2 vhosts

i.e.:

NameVirtualHost 123.456.789.12

<VirtualHost 123.456.789.12>
ServerName cloud.domain.tld
DocumentRoot /var/www/owncloud
</VirtualHost>

<VirtualHost 123.456.789.12>
ServerName owncloud.domain.tld
DocumentRoot /var/www/owncloud
</VirtualHost>

I used the default command to obtain & install a cert in my webserver:

sudo ./venv/bin/letsencrypt

and got following error message:

Error: should only be one vhost in
/etc/apache2/sites-available/owncloud.conf

so i delete the second vhost an rerun the command
but still get the same error message


Certbot on Apache - Unable to Find Domains Due to Multiple Hosts in Config File
#2

Hi yannick,

The code that is currently throwing that error was placed in there to avoid confusion or mistakes when copying over HTTPS vhosts.

A more appropriate error might be… “Only 1 vhost per file is currently supported”

The client will attempt to split off the SSL vhosts as separate files, copying over the content and then including the additional TLS/HTTPS specific directives needed. If HTTPS was only selected for one of the vhosts. The file would need to be split, and the new file would require a different naming convention.

I haven’t yet addressed this complication. Hence the currently thrown error.

Deleting the second VirtualHost block in that file should have corrected the problem though. (Ideally the second virtual host would go in its own appropriately named file.) That error is only thrown when attempting to make an HTTPS vhost when the original vhost file contains multiple virtual hosts.

I am very surprised the error persisted. You don’t have any directories under sites-available, do you?


#3

i have no directories under sites-available.

the vhost ist working now, after deleting the second vhost (/sperating in a different file) and using this method:

sudo ./venv/bin/letsencrypt -d www.example.org run

but letsencrypt or letsencrypt run still dont work (and get the mentioned error message)

do the client store any files outside the
apache/ngnix folder, /etc/letsencrypt or ~/letsencrypt/venv/bin/letsencrypt?
maybe there are some cachefiles that cause the error


#4

There should be another reference in /etc/apache2/sites-enabled/ as opposed to sites-available. Its possible this could be it.

–…Archer


#5

I solved it!

i forgot the port number:

VirtualHost 123.456.789.12 :80

NameVirtualHost 123.456.789.12

<VirtualHost 123.456.789.12:80>
ServerName cloud.domain.tld
DocumentRoot /var/www/owncloud
</VirtualHost>

#6

EDIT: Read @bmw’s post below mine; it’s actually still an active issue being tracked in #1042.


For future readers, it looks like this issue was resolved by Pull Request #1226, so multiple vhosts in a single Apache configuration file are now allowed.


#7

#1226 actually solved a different issue. The problem there was the Apache plugin would fail to deploy a certificate to multiple vhosts, each in their own file, when the client was given the install subcommand.

If you’d like to track the progress on the limitation of one vhost per file, keep an eye on #1042.


#8

Hi,

I’ve truncated my vhost onto this

NameVirtualHost 123.456.789.123
<VirtualHost 123.456.789.123:80>
DocumentRoot /var/www/fw
</VirtualHost>

and i’m getting the same error

Any ideas?
On this server is only one subdomain hostet

i also looked 1042 and the other issues but i didn’t find something


#9

I’m definitely getting this on a pretty simple setup.

NameVirtualHost 52.27.177.98

<VirtualHost 52.27.177.98:80>
  ServerAdmin support@velociraptorsystems.com
  DocumentRoot "/var/www/papaya-pythons"
  ServerName papayapythons.com
  ServerAlias www.papayapythons.com
  ServerPath /papaya-pythons/
  <Directory /var/www/papaya-pythons/server_config>
  Order deny,allow
  Deny from all
  </Directory>
</VirtualHost>

Don’t know what’s breaking that … ideas?

No directories in /etc/apache2/sites-available/, either.


#10

I don’t think that certificates are issued for IP addresses… are they?


#11

@riking domains only AFAIK


#12

I’ve got the same problem…

my file:

<VirtualHost *:80>
    ServerAdmin example@example.com
    DocumentRoot /var/www/1/
    ServerName example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

error:

Error: should only be one vhost in
/etc/apache2/sites-enabled/example.com.conf

any idea what’s wrong?

Command which I run:

./certbot-auto --apache -d example.com

(where example.com is my domain)

I also tried replacing <VirtualHost *:80> with <VirtualHost my-ip:80> or <VirtualHost *:*>


#13

@Nicofisi, is there perhaps also another (additional) <VirtualHost> stanza within the example.com.conf file?


#14

I also still get the same problem. I tried already all I can think of. Now other vhosts in my httpd.conf, no other sites etc. loaded. But I am still unable to install the certificates.

Is there any workaround? can I manually install the certificates and if how?
thanks in advance


#15

I got it working.

A little bit after my first post I found the topic "one vhost per file" where one of the users commented the following:

“I did some additional testing and it looks like certbot doesn’t like the fact that the tag is inside of httpd.conf - it would rather have it in a dedicated file.”

and this is exactly what was my problem. I took the vhost part out of my main httpd.conf and moved to a seperated files in /sites. Once done the automatic apache configuration and cert creation worked perfect.

thx.