Help Creating Certificate Manual Mode, don't know where to put

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bdnetbreeze.blackdragonnetworks.com

I ran this command: certbot run -d bdnetbreeze.blackdragonnetworks.com --force-renewal

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for bdnetbreeze.blackdragonnetworks.com
Using default addresses 80 and [::]:80 ipv6only=on for authentication.
Waiting for verification...
Challenge failed for domain bdnetbreeze.blackdragonnetworks.com
http-01 challenge for bdnetbreeze.blackdragonnetworks.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version): Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version): Centos 7

My hosting provider, if applicable, is: vul

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

That adds nothing to the equation - please don't use it without a real need.

Please show the output of:
apachectl -t -D DUMP_VHOSTS

3 Likes

Certbot thinks your webserver is nginx.

The webserver responding on that domain is Apache.

Does this domain definitely point to the right server?

Does running Certbot with the Apache plugin instead help?

sudo certbot --apache -d bdnetbreeze.blackdragonnetworks.com
4 Likes

Passing arguments to httpd using apachectl is no longer supported.
You can only start/stop/restart httpd using this script.
If you want to pass extra arguments to httpd, edit the
/etc/sysconfig/httpd config file.
VirtualHost configuration:
*:80 bdnetbreeze.blackdragonnetworks.com (/etc/httpd/conf.d/le-redirect-bdnetbreeze.blackdragonnetworks.com.conf:1)
[root@bdnetbreeze ~]#

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Cleaning up challenges
Error while running apachectl graceful.

Job for httpd.service invalid.

Unable to restart apache using ['apachectl', 'graceful']
Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Encountered exception during recovery: MisconfigurationError: Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

I finally got the system to work. This is Breezeview a TELRAD product working on a CENTOS 7 Server It is a nginx it a 443 forwarded to port 8082.

[root@bdnetbreeze /]# certbot --nginx -d bdnetbreeze.blackdragonnetworks.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for bdnetbreeze.blackdragonnetworks.com
Using default addresses 80 and [::]:80 ipv6only=on for authentication.
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/nginx.conf
No matching insecure server blocks listening on port 80 found.


Your existing certificate has been successfully renewed, and the new certificate
has been installed.

The new certificate covers the following domains:
https://bdnetbreeze.blackdragonnetworks.com


IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/bdnetbreeze.blackdragonnetworks.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/bdnetbreeze.blackdragonnetworks.com/privkey.pem
    Your cert will expire on 2022-07-19. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the "certonly" option. To non-interactively renew all of
    your certificates, run "certbot renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
    Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.