root@server [/home/nutopias/public_html]# ./certbot-auto --apache
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/init.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Failed to find executable apachectl in PATH: /usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/jdk/bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/cpanel/3rdparty/lib/path-bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/cpanel/composer/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(‘Cannot find Apache control command apachectl’,)
My web server is (include version): Apache
The operating system my web server runs on is (include version): CentOS6 CPanel
My hosting provider, if applicable, is: A Small Orange
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): CPanel
I’m assuming that some combination of my host and the fact that we’re running CPanel is making this impossible to set up through the shell. Does anyone have any experience with ASO and getting LE certs installed?
I can generate a cert and CSR through CPanel. It’s not that hard. But I’d rather get a LE cert than pay for one.
Are you sure you actually have root shell access as opposed to limited shell access? This sounds like shared hosting, which places multiple customers on a single server, and thus cannot allow users to have root access. Certbot, unfortunately, requires root. However, there are other tools such as acme.sh which do not. You could try this with something like webroot instead of Apache, but I suspect you’ll run into similar issues.
Note that you may also need to manually apply certificates, as your host likely doesn’t allow you direct access to the Apache configs where this is set.
I definitely have root shell and I’ve mucked around in the apache configs before. I have access to them but as this is a WHM/CPanel setup, anything I do at the config files is eventually overwritten automatically, so if I want permanent changes I have to engage support. That’s what leads me to believe I have to do this through CPanel. There’s a process to do it - could I use GetHTTPSforfree.com? I am able to use the key I generated in CPanel to sign the requests as necessary.
