Fail to restore config and restart server

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://design.tufftoe.com/

I ran this command: ./certbot-auto

It produced this output: self._reload()
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 2190, in
_reload
raise errors.MisconfigurationError(error)
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’
ServerName’ directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ‘graceful’ failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ’
ServerName’ directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
IMPORTANT NOTES:

My web server is (include version): Google Cloud Bitnami Wordpress

The operating system my web server runs on is (include version): Wordpress

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @jtreloar

you have already created three certificates ( https://check-your-website.server-daten.de/?q=design.tufftoe.com#ct-logs ):

CertSpotter-Id Issuer not before not after Domain names LE-Duplicate next LE
937880961 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-29 17:23:43 2019-08-27 17:23:43 design.tufftoe.com - 1 entries duplicate nr. 2
937716659 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-29 15:02:13 2019-08-27 15:02:13 design.tufftoe.com - 1 entries duplicate nr. 1
923995860 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-05-21 15:28:36 2019-08-19 15:28:36 design.tufftoe.com - 1 entries

But if you use Bitnami, Certbot can't install your certificate. So check the Bitnami documentation to see, how you can install one of these certificates.

certbot certificates

should show the certificates.

In 60 - 85 days, use certbot with the certonly option to create a certificate without installation.

Now you use a self signed certificate

CN=www.example.com, 
OU=Certificate generated at boot time, O=Bitnami
	08.04.2019
	05.04.2029
expires in 3599 days	

and your https isn't secure.

PS: If you have installed the certificate, you should update your configuration. There are some images with ip address and https, that can't work.

img src https://146.148.39.87/wp-content/uploads/2019/04/Man.jpg 1 Ip addresses found, use domain name.
img src https://146.148.39.87/wp-content/uploads/2019/04/Man2-1.jpg 1 Ip addresses found, use domain name.

Alright I created a new ssl certificate and fixed the mixed-content. But now when I go to whynopadlock.com I get this message:

The SSL certificate tests failed. Please be sure that you can connect to your site over SSL and try again.

Can someone please help me in understanding this? Please!

There is a check of your domain, ~ 2,5 hours old - https://check-your-website.server-daten.de/?q=design.tufftoe.com#html-content

There are two https + ip address:

img src https://146.148.39.87/wp-content/uploads/2019/04/Man.jpg 1 Ip addresses found, use domain name.
img src https://146.148.39.87/wp-content/uploads/2019/04/Man2-1.jpg 1 Ip addresses found, use domain name.

Are these fixed?

The whynopadlock - error: Ignore it. You have a valid certificate

CN=design.tufftoe.com
	29.05.2019
	27.08.2019
expires in 89 days	design.tufftoe.com - 1 entry
Keyalgorithm	EC Public Key (384 bit, secp384r1)

but whynopadlock doesn't understand EC certificates with 384 bit.

That's a known error - same with my domain ( https://check-your-website.server-daten.de/?q=server-daten.de ):

CN=*.server-daten.de
	02.04.2019
	01.07.2019
expires in 32 days	*.server-daten.de, server-daten.de - 2 entries
Keyalgorithm	EC Public Key (384 bit, secp384r1)

Check it with whynopadlock, you will see the same result.

That's the reason of this notice:

Online:

https://www.whynopadlock.com/

Has one limit: Doesn’t understand my own Letsencrypt EC-384 bit certificate. EC-256 works.

2019-10 I've wrote a mail to whynopadlock with the problem, it's not fixed.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.