Error while running apache2ctl graceful

I am running a Google Cloud Drupal VM instance and I’m using Apache and Debian 8.

My domain name is mangotreepro.com

The command I ran was:

certbot --apache

The output I got was:

Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ‘S
erverName’ directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

I also tried running certbot --apache certonly and recieved the same error.

Apache is currently running on your domain, so you have either resolved this, or there is a second version of apache running - which is why you are getting the error.

Yes I resolved the issue by running certbot certonly --webroot

I put the domain name as: Mangotreepro.com
I put the webroot as: opt/bitnami/apps/drupal/htdocs

However, as you can see, the webpage is not currently MY webpage, it’s the default apache page. It says I must replace a file, which I found in my directory, but what do I replace it with? How do I get my drupal site to show up instead of the default apache page?

Currently it’s not giving the default apache page, but rather a “403 forbidden” error.

Have you got a backup of your apache config ? if not, can you paste your main apache config, and your vhost for the domain so we can tell you what corrections are required.

Yes it was giving me the default page earlier, and now it’s a 403 forbidden error. I believe it’s because my coworker (seeing the site wasn’t there) loaded a snapshot of the site before I followed the steps to use letsencrypt. Unfortunately, we needed the original site to be working for a meeting today. However, I am confident that when I try to implement a certificate again, I can get it to the apache default page. How do I proceed from there?

If you use the certbot certonly --webroot method, it will make no changes to your apache ( so won’t change things to the apache default page or anything)

You will need to configure your apache for https afterwards - https://mozilla.github.io/server-side-tls/ssl-config-generator/ is a good site for giving you a good config. Let us know what you want a hand with, and preferably paste what you have so we can tell you the modifications needed.

2 Likes

Could you help me run the certbot --apache instead then? The less I have to configure myself the better, I’m quite inexperienced. If not that’s okay, I don’t really know which pathway is going to be easier.

Yes, I’d suggest doing it after your meeting today, so that there isn’t a time pressure to get it fixed fully :wink:

Then. the more information you can provide the better (do you have root access ? do you have a control panel ? what versions of apache etc ) It would be good to check your apache config before you start as well, since some of your initial errors looked to be not related to letsencrypt, rather errors in apache config.

2 Likes

Awesome, thanks! :slight_smile:

I have root access through SSH yes. I believe the version is Apache 2.4.25.

When I navigate to my apache config directory I find this:

bitnami httpd.conf modsecurity.conf pagespeed_libraries.conf server.crt ssi.conf
deflate.conf magic original php-fpm-apache.conf server.csr
extra mime.types pagespeed.conf privkey.pem server.key
root@(website):/opt/bitnami/apache2/conf#

Which file are you referring to?

Timezones may slow things down a little - although hopefully there are others in the correct timezone for you.

Ahh, you are using bitnami - so yes please the /opt/bitnami/apache2/conf , httpd.conf and ssi.conf

Do you have more than one website on the server ? or just the one ?

Sorry for the late reply, I’ve been a bit busy.

I have found the files you requested, but they are quite long and it would be very difficult to paste them anywhere or screenshot them. If needed I can do this, but which part of the files are you looking for particularly? I can navigate the file and find the information you need.

http://pastebin.com would be an option I recon.

1 Like

Thanks Osiris, good plan.

Here is the ssi.conf:

http://pastebin.com/ebyXJmEc

Here is the httpd.conf:

http://pastebin.com/LBfzbZQf

Update: I’m testing/learning how to to enable HTTPS on an identical website with a different domain and IP.

I am now again getting the default apache page.

Domain name: mangoquant.com

Any help moving forward from here would be appreciated.

Have you set up a vhost file for the new domain ?

That should set ( amongst other things) the DocumentRoot and ServerName. You will also need to set up one for https - you can use https://mozilla.github.io/server-side-tls/ssl-config-generator/ as a guide for what that should contain.

1 Like

I’m not exactly sure what you mean by vhost file-so I suppose I didn’t set one up. :frowning: All I have done so far is attach the domain name to the IP of a duplicate to the website and then get the certificate. The duplicate website is running on a different VM instance than the original.

Where should I put the vhost file and the one for https? Does it matter what their names are?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.