Error when installing letsencrypt

eladnm · February 18, 2018, 9:40pm

i am trying to install lets encrypt on ubuntu with apache 2 but with no success. i get the following error:

Keeping the existing certificate
Could not reverse map the HTTPS VirtualHost to the original

IMPORTANT NOTES:

Unable to install the certificate
Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/www.deals4u.co.il/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/www.deals4u.co.il/privkey.pem Your cert will expire on 2018-05-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the “certonly” option. To non-interactively renew all of your certificates, run "certbot renew"
my conf file looks like this:

<VirtualHost *:80>
ServerName deals4u.co.il
ServerAlias www.deals4u.co.il
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All

please help! i’m hopeless

stevenzhu · February 20, 2018, 4:49am

Hi,

This means you have successfully obtained the certificate.

This message tell you you need to install it by yourself.

So why hopeless? You just need to find out how to install the certificate on Apache 2.

P.S. if you search on Google with some keyword, you can probably find the solution to this problem in 1s.

eladnm · February 20, 2018, 6:14am

Hi Steven,
I get the following error
Could not reverse map the HTTPS VirtualHost to the original
Searched few hours to figure out trying to solve it but without success so far…

bfqTudaffO1LNwUSmNFf · February 20, 2018, 6:40am

deals4u is no valid hostname, i think that is the reason for the message.

eladnm · February 20, 2018, 5:13pm

didn’t help i changed the servername to deals4u.co.il

schoen · February 20, 2018, 9:53pm

Hi @eladnm, what version of Certbot are you running here?

eladnm · February 21, 2018, 5:47pm

my certbot version is 0.21.1. thanks

stevenzhu · February 21, 2018, 5:50pm

Hi,

Please use certbot --version

Thank you

eladnm · February 21, 2018, 5:54pm

certbot version is 0.21.1

stevenzhu · February 21, 2018, 6:03pm

Just one question.

Did you try to add a https host at 443??

If not, that's the reason this message occurs.

eladnm · February 21, 2018, 6:11pm

i ran sudo certbot --apache certonly and now i dont get any error but the website is not secure… www.deals4u.co.il
i have my default-ssl.conf:

<IfModule mod_ssl.c>
	<VirtualHost _default_:443>
    	ServerName deals4u.co.il
    	ServerAlias www.deals4u.co.il
		DocumentRoot /var/www/html

		# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
		# error, crit, alert, emerg.
		# It is also possible to configure the loglevel for particular
		# modules, e.g.
		#LogLevel info ssl:warn

		ErrorLog ${APACHE_LOG_DIR}/error.log
		CustomLog ${APACHE_LOG_DIR}/access.log combined

		# For most configuration files from conf-available/, which are
		# enabled or disabled at a global level, it is possible to
		# include a line for only one particular virtual host. For example the
		# following line enables the CGI configuration for this host only
		# after it has been globally disabled with "a2disconf".
		#Include conf-available/serve-cgi-bin.conf

		#   SSL Engine Switch:
		#   Enable/Disable SSL for this virtual host.
		SSLEngine on

		#   A self-signed (snakeoil) certificate can be created by installing
		#   the ssl-cert package. See
		#   /usr/share/doc/apache2/README.Debian.gz for more info.
		#   If both key and certificate are stored in the same file, only the
		#   SSLCertificateFile directive is needed.
		   SSLCertificateFile	/etc/ssl/certs/ssl-cert-snakeoil.pem
		   SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

stevenzhu · February 21, 2018, 6:20pm

Hi,

Just want to clarify,

This is not an error.
You've applied for the certificate, certbot just can't install the cert automatically.

Maybe try chown the .conf to right user?

schoen · February 21, 2018, 6:27pm

You probably meant "chown" here.

schoen · February 21, 2018, 6:29pm

You can probably set

		   SSLCertificateFile	/etc/letsencrypt/live/www.deals4u.co.il/fullchain.pem
		   SSLCertificateKeyFile /etc/letsencrypt/live/www.deals4u.co.il/privkey.pem

instead of the snakeoil certificate, and then restart Apache.

stevenzhu · February 21, 2018, 6:29pm

That’s right.

Hate input autocorrection

eladnm · February 21, 2018, 6:31pm

did not help still not ssl on https://www.deals4u.co.il

schoen · February 21, 2018, 6:39pm

Did you get an error message when starting Apache? Do you have a firewall somewhere blocking incoming connections on port 443?

eladnm · February 21, 2018, 6:41pm

not error message on apache2 log
tried also sudo chown -R root:root /etc/apache2/sites-available
no firewall blocking

schoen · February 21, 2018, 7:06pm

Could you run this?

netstat -pant | grep :443

stevenzhu · February 21, 2018, 7:15pm

He’s port is open now.
The only problem is he issue two cert instead of one.

@eladnm You issued two cert,
first one is deals4u.co.il, second one is www.deals4u.co.il
Please issue one cert contain both names.

Thank you

Refer to crt.sh id
https://crt.sh/?id=337388951
https://crt.sh/?id=337394042

Topic		Replies	Views
IMPORTANT NOTES: - Unable to install the certificate Help	11	11989	December 29, 2018
Using certbot for the very first time Help	11	1488	April 15, 2018
Unable to install the certificate Help	5	1225	April 22, 2020
Could not reverse map the HTTPS VirtualHost to the original Help	19	7720	August 29, 2018
Getting error on Ubuntu Apache with Certbot setup Server	18	3213	June 3, 2018

Error when installing letsencrypt

Related topics