How Do You Install LetsEncrypt on Google Clouds Platform

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ncileadership.org

I ran this command:

It produced this output:

My web server is (include version): Bitnami

The operating system my web server runs on is (include version): Google App Engine

My hosting provider, if applicable, is: Google Clouds Platform

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I don’t know which to use.

For Bitnami in particular, it’s best to follow along with their instructions: https://docs.bitnami.com/general/how-to/generate-install-lets-encrypt-ssl/

@_az
I sent him over to the bitnami community due to the litany of problems we were running into in this topic:

This is totally frustrating. No harm meant. Just saying. The original files have been put back in place… and yet getting errors when trying to launch the url.

As we said, it’s a bitnami issue. The platform and cert tool are their own. We can assist how we can, but Let’s Encrypt focuses on certificates. Wish we had a local bitnami person who could bridge the gap. From what I’ve seen on Bitnami’s community forums though, they have the resources and experience to give you direct specifics.

Here is the problem that I am having. Although I stopped my services, I am not being able to bind to ports 80 and 443.

You can identify who is using port 80 or 443 with:

ss -tlnp | grep -E ":(80|443)"

@Jubilee2020 would you be interested in a short paid arrangement for somebody from the community to login to your server and help sort this out for you (from @schoen or someone else)? No pressure to, just if you feel like you could be spared trying to fix this yourself.

I figured that this was coming. Colleagues told me to watch for this.

No, I’m happy to help you solve it here - try the ss command and let me know what it says.

State Recv-Q Send-Q Local Address:Port Peer Address:Port

LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
users:((“sshd”,pid=663,fd=3))
LISTEN 0 128 :80 :
users:((“httpd”,pid=22162,fd=4),(“httpd”,pid=22134,fd=4),(“httpd”,pid=21412,fd=4),(“httpd”,pid=21411,fd=4),(“httpd”,pid=21410,fd=4),(“httpd”,pid=21409,fd=4),(“httpd”,pid=2140
8,fd=4),(“httpd”,pid=21405,fd=4))
LISTEN 0 128 [::]:22 [::]:
users:((“sshd”,pid=663,fd=4))

OK. Apache is still running, as shown by “httpd” being listed there.

If it’s still there even after running:

sudo /opt/bitnami/ctlscript.sh stop

you can try forcefully kill it with:

killall -9 httpd

That should take care of the binding problem.

Killed them all including Apache2 earlier

I understand, but the ss command you ran proves that that script didn’t kill Apache properly, because it’s still bound to the ports.

That’s why I have suggested using killall -9 httpd.

that's not a good command

sudo systemctl stop apache2.service

Yes, that is a better command than doing a kill -9. My motivation to use it (as a last resort) was that your control scripts were failing to stop Apache on their own.

Let me know when ss no longer shows httpd.

@_az does this mean that :80 is yet running?

Check the ss command again. If it shows httpd, then Apache is still running.