Huge long error,

eluldan · August 11, 2020, 2:33pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:skipthedealer.gq

I ran this command:sudo certbot --apache

It produced this output:

Blockquote
sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): skipthedealer.gq www.skipthedealer.gq
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for skipthedealer.gq
http-01 challenge for www.skipthedealer.gq
Enabled Apache rewrite module
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName'
directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName'
directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Encountered exception during recovery:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2185, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName'
directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 139, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2287, in perform
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2175, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2203, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName'
directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2185, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
self.funcs-1
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 323, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2312, in cleanup
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2175, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2203, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

My web server is (include version):?

The operating system my web server runs on is (include version):debian 10 buster

My hosting provider, if applicable, is:google cloud platform

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no, SSH

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I hope I posted this correctly, I've tried a few guides, and non of them were able to set up the SSL Cert. I have done this before, it worked fine..something with this set up is preventing me. Is there away to undo what I've done and start the SSL steps again? or better yet, just a way to make it work....

9peppe · August 11, 2020, 3:52pm

Hi, @eluldan, welcome:

Are you using Bitnami?

If so, uninstall certbot and follow their documentation: https://docs.bitnami.com/general/faq/administration/generate-configure-certificate-letsencrypt/

eluldan · August 12, 2020, 2:13am

Hey @9peppe , Thanks for the help! it got me on the right track....

Blockquote
Are you using Bitnami?

Yes

Blockquote
If so, uninstall certbot and follow their documentation: https://docs.bitnami.com/general/faq/administration/generate-configure-certificate-letsencrypt/

Done.

New error (FML-lol)

Blockquote
Domain: www.skipthedealer.gq
Type: unauthorized
Detail: Invalid response from
https://skipthedealer.gq/.well-known/acme-challenge/[SOME CODE not sure if its supposed to be private so I removed it]
[ IP Address removed for privacy]: "\n<html
lang="en-US">\n\n\n\t<meta charset="UTF-8">\n\t<meta
name="viewport" content="width=device-width, initial-"

Domain: skipthedealer.gq
Type: unauthorized
Detail: Invalid response from
https://skipthedealer.gq/.well-known/acme-challenge/[[SOME CODE not sure if its supposed to be private so I removed it]
[ IP Address removed for privacy]: "\n<html
lang="en-US">\n\n\n\t<meta charset="UTF-8">\n\t<meta
name="viewport" content="width=device-width, initial-"

I think its the DNS settings, however I just deleted all the records and left the two A RECORDs [@,www] [SAME IP]
I was going to wait for the DNS to update at lease a few hours then try again. unfortunately according to https://letsencrypt.org/docs/rate-limits/ I've maxed out, for I believe the week...

9peppe · August 12, 2020, 7:17am

This is strange: that request goes to wordpress, and it should not. Did you modify your apache config in some way?

% curl -ILk http://skipthedealer.gq/.well-known/acme-challenge/404
HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Aug 2020 07:13:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Location: https://www.skipthedealer.gq/.well-known/acme-challenge/404
Content-Type: text/html; charset=iso-8859-1

HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Aug 2020 07:13:46 GMT
Server: Apache
X-Powered-By: PHP/7.4.7
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
X-Frame-Options: SAMEORIGIN
Location: https://skipthedealer.gq/.well-known/acme-challenge/404
Content-Type: text/html; charset=UTF-8

HTTP/1.1 404 Not Found
Date: Wed, 12 Aug 2020 07:13:46 GMT
Server: Apache
X-Powered-By: PHP/7.4.7
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://skipthedealer.gq/wp-json/>; rel="https://api.w.org/"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8

I don't think so. Let's Debug Toolkit

The failed validations rate limit is per hour, not per week.

eluldan · August 13, 2020, 3:16am

First off, a BIG THANK YOU for taking the time to help me out, I truly do appreciate it.

This is strange: that request goes to Wordpress, and it should not. Did you modify your apache config in some way?

I am not sure, but very much possible. I could've copied & pasted over it while rushing through the multiple guides...(I just figured out blockquote LMAO)
Is there any way to check? .

well-known/acme-challenge/404

I don't know if it's relavent but,
I've seen this the DNS server I have on NameCheap FreeDNS service. which is "nameserver'd" from Freenom. which I've tried reseting those and it keeps coming back..

I just re ran certbot with the same error..

eluldan · August 14, 2020, 8:37pm

@9peppe

So I’ve searched everywhere, I found the NANO function, but the only guides I found was for the WP-Config file. Haven’t found much for editing apache config file…I’m not sure where to start…lmk if you have any idea…I’m going to keep searching…

9peppe · August 15, 2020, 8:43pm

nano is a text editor, it tells me you edited something but nothing more. at this point you could probably backup wordpress and reinstall it clean.

system · September 14, 2020, 8:43pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.