Installing certificate by following tutorial failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: books.globalcountry.org

I ran this command: sudo certbot --apache

It produced this output:
Error while running apache2ctl graceful.httpd not running, trying to startAction ‘graceful’ failed. (and a lot more)

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Amazon Lightsail

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): WordPress

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

I followed the tutorial on the https://certbot.eff.org/lets-encrypt/ubuntuxenial-apache site, and it seems it installed a second apache server.
I can try to delete this instance with
sudo apt remove --auto-remove python-certbot-apache
but then how to proceed from there?

My goal is to install a certificate on my Amazon Lightsail Wordpress server that is independent from DNS challenge (I would need to bother a colleague for the DNS entries).

Thank you for your help!

python-certbot-apache is NOT an Apache instance! It’s just a plugin which accompanies certbot so it has Apache functionality (to authenticate through and install certs into Apache). Without it, you can’t use the --apache option and would have to install the TLS certificate manually into your Apache configuration.

Also, regarding your output earlier in your post: does your Apache actually run when you run that certbot command? Or is Apache offline?

I did not stop Apache before following the getting started tutorial on the certbot website.

From the output of the netstat command I conclude that there are 2 Apaches running ( 2 httpd services are listening, on ports 80 and 443).
Correct me if I am wrong, my Linux knowledge is very superficial.

I kind of solved the problem, but not to my satisfaction:
I stopped the second apache, disabled it, and started the bitnami apache.
It is not to my satisfaction because the renew certificate process does not go through.
Maybe I have to start the second apache to renew the certificate? Wild.

Would be grateful to learn whether the getting started tutorial mentioned above is not good for Amazon Lightsail setups or if I did something wrong?

You’re using Bitnami? In that case you shouldn’t be using certbot at all. As far as I know, it’s incompatible with certbot.

Try this how-to: https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/

(Note: I assumed Amazon Lightsail is part of AWS Cloud, but I am not familiair with all those cloud options, so I might be wrong!)

Amazon Lightsail is part of the AWS Cloud, but the Wordpress image that is offered there is from Bitnami.
I will try the tutorial that you recommended, thank you!
Details will follow in the next days.

The bncert-tool that is explained in the link you gave worked straightforward and without any complications!

Thank you for your help!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.