I'm receiving "500 Internal Server Error " after creating a certificate. I've rechecked many things to ensure I have https allowed, etc. My suspicion is the unwise decision when I choose Ubuntu 19.04, which is not listed on certbot.eff.org. The site shows https in the search bar but just cannot figure out what's wrong in the site showing 500 error. Thanks for any help.
~1 hour old
Because I set it up yesterday, maybe that's why.
apachectl -S
AH00526: Syntax error on line 56 of /etc/apache2/sites-enabled/apache_crm-le-ssl.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/www.wijahati.com/fullchain.pem' does not exist or is empty
Action '-S' failed.
The Apache error log may have more information.
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.wijahati.com
ServerAdmin webmaster@localhost
ServerAlias wijahati.com
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.wijahati.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Site apache_crm-le-ssl disabled.
To activate the new configuration, you need to run:
systemctl reload apache2
/etc/apache2/sites-enabled $ sudo apachectl -S
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.105.74.207. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 www.wijahati.com (/etc/apache2/sites-enabled/apache_crm.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
**/etc/apache2/sites-enabled** $ sudo certbot --apache -d www.wijahati.com -d wijahati.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/www.wijahati.com.conf)
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Created an SSL vhost at /etc/apache2/sites-available/apache_crm-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/apache_crm-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/apache_crm-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/apache_crm-le-ssl.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Enhancement redirect was already set.
Enhancement redirect was already set.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://www.wijahati.com and
https://wijahati.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=www.wijahati.com
https://www.ssllabs.com/ssltest/analyze.html?d=wijahati.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
**IMPORTANT NOTES:**
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/www.wijahati.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/www.wijahati.com/privkey.pem
Your cert will expire on 2020-01-16. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Some rewrite rules copied from
/etc/apache2/sites-enabled/apache_crm.conf were disabled in the
vhost for your HTTPS site located at
/etc/apache2/sites-available/apache_crm-le-ssl.conf because they
have the potential to create redirection loops.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
I checked the site and still getting 500 error; I restarted apache and still not working.
**/etc/apache2/sites-enabled** $ sudo service apache2 restart
then I ran:
/etc/apache2/sites-enabled$ sudo apachectl -S
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.105.74.207. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:443 www.wijahati.com (/etc/apache2/sites-enabled/apache_crm-le-ssl.conf:2)
*:80 is a NameVirtualHost
default server www.wijahati.com (/etc/apache2/sites-enabled/apache_crm-le-ssl.conf:61)
port 80 namevhost www.wijahati.com (/etc/apache2/sites-enabled/apache_crm-le-ssl.conf:61)
alias wijahati.com
port 80 namevhost www.wijahati.com (/etc/apache2/sites-enabled/apache_crm-le-ssl.conf:104)
alias wijahati.com
port 80 namevhost www.wijahati.com (/etc/apache2/sites-enabled/apache_crm-le-ssl.conf:147)
alias wijahati.com
port 80 namevhost www.wijahati.com (/etc/apache2/sites-enabled/apache_crm.conf:1)
alias wijahati.com
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33