The only thing this machine runs is an instance of the loncapa online homework system, so there’s nothing else being served via http. I don’t see any virtual host sections in the main httpd.conf file. Grateful for any help!
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: loncapa.winona.edu
I ran this command: certbot --apache
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): loncapa.winona.edu
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for loncapa.winona.edu
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
My web server is (include version):
[root@WSU-Lon-Capa conf]# apachectl -V
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: Jun 22 2018 01:19:25
Server’s Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with…
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
The operating system my web server runs on is (include version): Linux, RHEL 7.6
My hosting provider, if applicable, is: Minnesota State University system
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
That allowed certbot to successfully run. However, my webserver is now unresponsive. I assume when you said the text “PathToYourDocumentRoot” you meant something like /var/www/html ?
httpd.conf somehow reads the following after I copied and pasted. This is not what you were talking about originally.
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80
<VirtualHost *:80>
DocumentRoot "PathToYourDocumentRoot"
ServerName loncapa.winona.edu
# Other directives here
RewriteEngine on
RewriteCond %{SERVER_NAME} =loncapa.winona.edu
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Also, the DNS maps the IP to loncapa.winona.edu, so I included:
ServerName loncapa.winona.edu:80
But our local DNS maps loncapa.winona.edu to the machine's IP address 52.162.238.218 (as you already saw). Does the mismatch between hostname, IP and domain name matter?
I can’t find anything online to mention https.
You might have to put this behind a proxy.
Which most likely could be run on the same box / same IP / same FQDN.
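A pre-flight check for the port-80 virtual host that the Certbot error earlier in the thread asks for. This is an added example and not part of any post in the thread. It is a simplified approximation rather than Certbot's own detection logic: the function names are hypothetical, the sample input is trimmed from the httpd.conf excerpt quoted above, and the default ServerRoot comes from the HTTPD_ROOT value in the apachectl -V output.

```python
import os
import re

# Trimmed from the httpd.conf excerpt quoted in the thread.
SAMPLE_CONF = """\
#Listen 12.34.56.78:80
Listen 80
<VirtualHost *:80>
DocumentRoot "PathToYourDocumentRoot"
ServerName loncapa.winona.edu
RewriteEngine on
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.I | re.S)


def directive(body, name):
    """Return the first value of directive `name` in a vhost body, or None."""
    for line in body.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() == name.lower():
            return parts[1].strip().strip('"')
    return None


def server_host(value):
    """Reduce a ServerName value ([scheme://]host[:port]) to the bare host."""
    host = (value or "").split("://", 1)[-1]
    return host.rsplit(":", 1)[0].lower() if ":" in host else host.lower()


def check_port80_vhosts(conf, domain, server_root="/etc/httpd", is_dir=os.path.isdir):
    """List findings about the port-80 virtual hosts in an Apache config."""
    # Ignore comment lines so commented-out sample blocks are not counted.
    active = "\n".join(l for l in conf.splitlines() if not l.lstrip().startswith("#"))
    bodies = [body for addrs, body in VHOST_RE.findall(active)
              if any(a.rsplit(":", 1)[-1] == "80" for a in addrs.split())]
    if not bodies:
        return ["no <VirtualHost> listening on port 80"]
    findings = []
    if not any(server_host(directive(b, "ServerName")) == domain.lower() for b in bodies):
        findings.append("no port-80 vhost has ServerName " + domain)
    for b in bodies:
        root = directive(b, "DocumentRoot")
        # Apache resolves a relative DocumentRoot against ServerRoot.
        if root and not is_dir(os.path.join(server_root, root)):
            findings.append("DocumentRoot is not an existing directory: " + root)
    return findings
```

Run it against the real file with `check_port80_vhosts(open("/etc/httpd/conf/httpd.conf").read(), "loncapa.winona.edu")`; files pulled in through Include directives are not followed.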