Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: landandwater.com.au
I ran this command: sudo systemctl start apache2 (after installing Certbot
It produced this output:Job for apache2.service failed because the control process exited with error code.
My web server is (include version): Apache2 on Ubuntu 22.04 LTS
The operating system my web server runs on is (include version):Ubuntu Server 22.04 Nginx provides reverse proxy services for sites on Apache2
My hosting provider, if applicable, is: self
I can login to a root shell on my machine (yes or no, or I don't know):Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 4.0.0
what error code? can we see that?
1 Like
Hi orangepizza
At the end of the install of Certbot, the Apache server would not restart.
Glad to get any other error code if you can assist on how to get it.
thanks
David
let's start with running it again with some more -v
Hi orangepizza
Your last message arrived during dinner. Sorry for the delay in replying.
more -V produced 'more from util-linux 2.37.2'
thanks for your help
David
Try run apache again and try to post everything it throws? And try get apache log file if you can
from the console
server_operator@soil-health-server:~$ sudo systemctl start apache2
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xeu apache2.service" for details.
getting Apache log next.
From the error log
server_operator@soil-health-server:/var/log/apache2$ cat error.log.1
[Fri May 16 00:00:01.318314 2025] [ssl:warn] [pid 1421] AH01909: 192.168.1.105:4443:0 server certificate does NOT include an ID which matches the server name
[Fri May 16 00:00:01.318367 2025] [http2:warn] [pid 1421] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.
[Fri May 16 00:00:01.324284 2025] [mpm_prefork:notice] [pid 1421] AH00163: Apache/2.4.52 (Ubuntu) mod_R/1.2.9 R/4.1.2 OpenSSL/3.0.2 mod_apreq2-20090110/2.8.0 configured -- resuming normal operations
[Fri May 16 00:00:01.324292 2025] [core:notice] [pid 1421] AH00094: Command line: '/usr/sbin/apache2'
Using locale: en_AU.UTF-8
Using locale: en_AU.UTF-8
Using locale: en_AU.UTF-8
AppArmor available! Running OpenCPU with security profile and rlimits.
AppArmor available! Running OpenCPU with security profile and rlimits.
AppArmor available! Running OpenCPU with security profile and rlimits.
Using locale: en_AU.UTF-8
Using locale: en_AU.UTF-8
Loading config from /usr/lib/opencpu/library/opencpu/config/defaults.conf
Loading config from /usr/lib/opencpu/library/opencpu/config/defaults.conf
Loading config from /usr/lib/opencpu/library/opencpu/config/defaults.conf
AppArmor available! Running OpenCPU with security profile and rlimits.
AppArmor available! Running OpenCPU with security profile and rlimits.
Loading config from /etc/opencpu/server.conf
Loading config from /etc/opencpu/server.conf
Loading config from /etc/opencpu/server.conf
Loading config from /usr/lib/opencpu/library/opencpu/config/defaults.conf
Loading config from /usr/lib/opencpu/library/opencpu/config/defaults.conf
Loading config from /etc/opencpu/server.conf
Loading config from /etc/opencpu/server.conf
OpenCPU cloud server ready.
OpenCPU cloud server ready.
OpenCPU cloud server ready.
OpenCPU cloud server ready.
OpenCPU cloud server ready.
[Fri May 16 11:15:27.461708 2025] [php:error] [pid 7395] [client 192.168.1.105:53526] script '/var/www/soil-health/public_html/matomo.php' not found or unable to stat
[Fri May 16 11:30:57.689810 2025] [php:error] [pid 7397] [client 192.168.1.105:43924] script '/var/www/soil-health/public_html/matomo.php' not found or unable to stat
[Fri May 16 14:56:42.188101 2025] [mpm_prefork:notice] [pid 1421] AH00171: Graceful restart requested, doing restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.1.105. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
[Fri May 16 14:56:42.196094 2025] [mpm_prefork:alert] [pid 1421] no listening sockets available, shutting down
[Fri May 16 14:56:42.196097 2025] [:emerg] [pid 1421] AH00019: Unable to open logs, exiting
It looks like several disparate errors. Some issues seem clear but even setting the ServerName directive globally is something I have yet to learn.
I found matomo.php in another nearby folder and copied it to the location it was expected to be. Not sure that's a solution.
Something else uses port 443 so apache can't bind port needed, what's using it?
1 Like
I believe that nginx would be using it. Sorry if that proxy arrangement was not clear
Hence I am not sure whether the global directive goes in nginx or apache
Than I think certbot added vhost to listen443/80 erroneously, remove it to right port
Are nginx and Aoache on the same machine?
1 Like
Hi orangepizza
How can I tell which are the right ports to move it to?
you config nginx to proxypass to apache, didn't you?
I am stopping now for today. I will look for your suggestions in the morning.
Yes. I had it set up for me at that time about three years ago.
Sorry I still need clarification.
If nginx proxy to Apache on same machine you don't need a certificate for Apache. Nginx will need a cert to handle the incoming HTTPS request but it can proxy to Apache using HTTP
Apache won't use port 80 or port 443 then. Nginx will. Proxy to it using port 8080 or something like that
2 Likes