Invalid response from acme-challenge

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: yewtreecottage.org.uk

I ran this command: sudo certbot --apache

It produced this output:
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter ‘c’ to cancel): IMPORTANT NOTES:


The domain name and directory seem to be accessible (eg if I put an html file there) but certbot has put nothing in that directory

~
My web server is (include version):
apache-tomcat-9.0.20

The operating system my web server runs on is (include version):
Debian GNU/Linux 9.11 (stretch)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

What does this say:
apachectl -S

Also note:

wget yewtreecottage.org.uk
--2019-11-23 18:18:33--  http://yewtreecottage.org.uk/
Resolving yewtreecottage.org.uk (yewtreecottage.org.uk)... 82.69.70.204
Connecting to yewtreecottage.org.uk (yewtreecottage.org.uk)|82.69.70.204|:80... connected.
HTTP request sent, awaiting response... 401

401 means unauthorized.

Also worth noting: Apache Tomcat/9.0.20
[in case anyone reading missed that earlier]

Ok now towards a solution…

Tomcat doesn’t play well with LE.
That said, some have managed to get certs for it.
In various clever ways I might add.
But they are mostly NOT simple tasks.
My suggestion is try using --webroot -w /path/to/your/DocumentRoot as that would keep certbot from trying to interact with the unfriendly Ally cat (I mean Tomcat).

Please show:
ls -l ${CATALINA_BASE}/webapps/ROOT
[does that look like your webroot/documentroot ?]

-bash: apachectl: command not found

ls -l ${CATALINA_BASE}/webapps/ROOT

-rw-r----- 1 tomcat tomcat 27235 May 3 2019 asf-logo-wide.svg
-rw-r----- 1 tomcat tomcat 713 May 3 2019 bg-button.png
-rw-r----- 1 tomcat tomcat 1918 May 3 2019 bg-middle.png
-rw-r----- 1 tomcat tomcat 1401 May 3 2019 bg-nav.png
-rw-r----- 1 tomcat tomcat 3103 May 3 2019 bg-upper.png
-rw-r----- 1 tomcat tomcat 21630 May 3 2019 favicon.ico
-rw-r--r-- 1 tomcat tomcat 150 Oct 16 13:18 index.html
-rw-r----- 1 tomcat tomcat 12208 May 3 2019 index.jsp
-rw-r----- 1 tomcat tomcat 6852 May 3 2019 RELEASE-NOTES.txt
-rw-r----- 1 tomcat tomcat 5581 May 3 2019 tomcat.css
-rw-r----- 1 tomcat tomcat 2066 May 3 2019 tomcat.gif
-rw-r----- 1 tomcat tomcat 5103 May 3 2019 tomcat.png
-rw-r----- 1 tomcat tomcat 2376 May 3 2019 tomcat-power.gif
-rw-r----- 1 tomcat tomcat 67795 May 3 2019 tomcat.svg
drwxr-x--- 2 tomcat tomcat 4096 May 30 11:17 WEB-INF

sudo certbot --apache --webroot -w /opt/tomcat/latest/webapps/ROOT |tee log2
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Too many flags setting configurators/installers/authenticators ‘apache’ -> ‘webroot’

I am aware that the fact that the site is password protected may be a problem, but surely that should not stop certbot creating the file that is being sought, even if it can't be reached. I can't see a file ‘e7hgx…’ anywhere on the system.

The use of --webroot is to replace the use of --apache:
Recall:

So try instead:

sudo certbot --webroot -w /opt/tomcat/latest/webapps/ROOT

And you may also have to include the domain name(s):

sudo certbot --webroot -w /opt/tomcat/latest/webapps/ROOT -d yewtreecottage.org.uk

or:

sudo certbot --webroot -w /opt/tomcat/latest/webapps/ROOT -d yewtreecottage.org.uk -d www.yewtreecottage.org.uk

An update:-
certbot insisted that I use certonly mode. And I had to disable the user login while I ran it but
sudo certbot certonly --webroot -w /opt/tomcat/latest/webapps/ROOT
worked and produced a certificate and keyfile. Now I just need to work out what to do with them.

If you are trying to secure a web server, that is very simple and there should be many online tutorials that show how to do so with your specific web server and O/S.

As always, if you still have questions involving the use of your LE cert, feel free to ask them here.
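
Added example, not part of the thread and not certbot code: a pre-flight check for the situation discussed above, where a webroot directory exists on disk but the site answers 401. It writes a throwaway file under `.well-known/acme-challenge/` and fetches it without credentials; `probe_webroot` and `http_fetch` are hypothetical names, and the webroot path and URL are supplied by the caller.

```python
import os
import secrets
import sys
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"  # path an HTTP-01 validator requests

def http_fetch(url, timeout=10):
    """Plain GET with no credentials; returns (status, body)."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:  # 401, 403, 404 ... arrive here
        return err.code, ""

def probe_webroot(webroot, base_url, fetch=http_fetch):
    """Write a random probe file into the webroot, fetch it, then remove it."""
    token = "probe-" + secrets.token_hex(8)
    content = secrets.token_hex(16)
    directory = os.path.join(webroot, *CHALLENGE_DIR.split("/"))
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, token)
    try:
        with open(path, "w") as fh:
            fh.write(content)
        os.chmod(path, 0o644)  # readable by the web server's own user
        status, body = fetch(f"{base_url.rstrip('/')}/{CHALLENGE_DIR}/{token}")
    finally:
        if os.path.exists(path):
            os.remove(path)
    if status == 200 and body.strip() == content:
        return status, "ok: files in this webroot are publicly reachable"
    if status in (401, 403):
        return status, "blocked: login or access control covers the challenge path"
    if status == 404:
        return status, "not found: the server does not serve this directory at that URL"
    return status, "unexpected: status or body did not match the probe file"

if __name__ == "__main__":
    # usage: python3 probe.py /path/to/webroot http://your.domain
    webroot, base = sys.argv[1:3]
    print(*probe_webroot(webroot, base))
```

A "blocked" result corresponds to the 401 seen with wget earlier in the thread: the validation request carries no credentials, so the challenge path has to be readable anonymously while the certificate is being issued.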