Error when installing letsencrypt

i am trying to install lets encrypt on ubuntu with apache 2 but with no success. i get the following error:

Keeping the existing certificate
Could not reverse map the HTTPS VirtualHost to the original

IMPORTANT NOTES:

Unable to install the certificate
Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/www.deals4u.co.il/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/www.deals4u.co.il/privkey.pem Your cert will expire on 2018-05-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the “certonly” option. To non-interactively renew all of your certificates, run "certbot renew"
my conf file looks like this:

<VirtualHost *:80>
ServerName deals4u.co.il
ServerAlias www.deals4u.co.il
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All

please help! i’m hopeless

Hi,

This means you have successfully obtained the certificate.

This message tell you you need to install it by yourself.

So why hopeless? You just need to find out how to install the certificate on Apache 2.

P.S. if you search on Google with some keyword, you can probably find the solution to this problem in 1s.

Hi Steven,
I get the following error
Could not reverse map the HTTPS VirtualHost to the original
Searched few hours to figure out trying to solve it but without success so far…

deals4u is no valid hostname, i think that is the reason for the message.

didn’t help i changed the servername to deals4u.co.il

Hi @eladnm, what version of Certbot are you running here?

my certbot version is 0.21.1. thanks

Hi,

Please use certbot --version

Thank you

certbot version is 0.21.1

Just one question.

Did you try to add a https host at 443??

If not, that's the reason this message occurs.

i ran sudo certbot --apache certonly and now i dont get any error but the website is not secure… www.deals4u.co.il
i have my default-ssl.conf:

<IfModule mod_ssl.c>
	<VirtualHost _default_:443>
    	ServerName deals4u.co.il
    	ServerAlias www.deals4u.co.il
		DocumentRoot /var/www/html

		# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
		# error, crit, alert, emerg.
		# It is also possible to configure the loglevel for particular
		# modules, e.g.
		#LogLevel info ssl:warn

		ErrorLog ${APACHE_LOG_DIR}/error.log
		CustomLog ${APACHE_LOG_DIR}/access.log combined

		# For most configuration files from conf-available/, which are
		# enabled or disabled at a global level, it is possible to
		# include a line for only one particular virtual host. For example the
		# following line enables the CGI configuration for this host only
		# after it has been globally disabled with "a2disconf".
		#Include conf-available/serve-cgi-bin.conf

		#   SSL Engine Switch:
		#   Enable/Disable SSL for this virtual host.
		SSLEngine on

		#   A self-signed (snakeoil) certificate can be created by installing
		#   the ssl-cert package. See
		#   /usr/share/doc/apache2/README.Debian.gz for more info.
		#   If both key and certificate are stored in the same file, only the
		#   SSLCertificateFile directive is needed.
		   SSLCertificateFile	/etc/ssl/certs/ssl-cert-snakeoil.pem
		   SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

Hi,

Just want to clarify,

This is not an error.
You've applied for the certificate, certbot just can't install the cert automatically.

Maybe try chown the .conf to right user?

You probably meant “chown” here.

You can probably set

		   SSLCertificateFile	/etc/letsencrypt/live/www.deals4u.co.il/fullchain.pem
		   SSLCertificateKeyFile /etc/letsencrypt/live/www.deals4u.co.il/privkey.pem

instead of the snakeoil certificate, and then restart Apache.

That’s right.

Hate input autocorrection

did not help still not ssl on https://www.deals4u.co.il

Did you get an error message when starting Apache? Do you have a firewall somewhere blocking incoming connections on port 443?

not error message on apache2 log
tried also sudo chown -R root:root /etc/apache2/sites-available
no firewall blocking

Could you run this?

netstat -pant | grep :443

He’s port is open now.
The only problem is he issue two cert instead of one.

@eladnm You issued two cert,
first one is deals4u.co.il, second one is www.deals4u.co.il
Please issue one cert contain both names.

Thank you

Refer to crt.sh id :slight_smile:
https://crt.sh/?id=337388951
https://crt.sh/?id=337394042