Help with a configuration error?

volleybrian · February 18, 2019, 2:36pm

I am getting this error when I run ./certbot-auto renew:

Could not choose appropriate plugin: The apache plugin is not working; there may be problems with your existing configuration.

The error was: MisconfigurationError("Error while running apachectl configtest.
Syntax error on line 208 of /etc/httpd/conf/vhosts-le-ssl.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/mysitename/cert.pem' does not exist or is empty
",)

Here is that section from the Apache config file in question (line 208 is the one that starts with SSLCertificateFile):

<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/mysitename/htdocs
ServerName mysitename.com
ServerAlias www.mysitename.com
DirectoryIndex index.php index.html
<Directory "/var/www/mysitename">
AllowOverride all
allow from all
Options -Indexes
</Directory>
ErrorLog logs/mysitename.com/err.log
CustomLog logs/mysitename.com/www.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mysitename.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysitename.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/mysitename.com/chain.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
</IfModule>

Any suggestions? Thanks so much.

JuergenAuer · February 18, 2019, 3:04pm

Hi @volleybrian

did you delete that file? Is the file empty? Are the rights correct?

volleybrian · February 18, 2019, 3:42pm

That file does not exist – in fact the whole /mysitename.com/ directory is gone.

JuergenAuer · February 18, 2019, 4:24pm

Then remove this vHost.

volleybrian · February 18, 2019, 4:39pm

Remove the whole vhost completely, restart Apache, run certbot to make sure there are no errors, then recreate the vhost? (It is an active site so I do need it.)

JuergenAuer · February 18, 2019, 4:45pm

I think the directory is gone? Is this vHost used?

If you have removed certificates, your vHost is dead. And it's easier that you have a working http - configuration, then certbot creates the https - version.

volleybrian · February 18, 2019, 5:13pm

The website is up & running, but you have to get through the browser-generated warning screen that it might be a fake site.

JuergenAuer · February 18, 2019, 5:25pm

Then another vHost is used. But if you have other vHosts and other certificates, change

these names to not existing domain names and change

SSLCertificateFile /etc/letsencrypt/live/mysitename.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysitename.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/mysitename.com/chain.pem

to an existing certificate. So certbot should ignore that vHost.

volleybrian · February 20, 2019, 5:17am

Thanks much. I deleted that site’s entry from vhosts-le-ssl.conf and restarted Apache. Everything worked fine. I was able to run certbot to update other certs, and then added SSL to this vhost with no trouble.

system · March 22, 2019, 5:17am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.