N00b struggling with Apache Server

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: drinkcana.com

I ran this command: sudo certbot --apache -d drinkcana.com -d www.drinkcana.com

It produced this output:
Error while running apache2ctl graceful.
httpd not running, trying to start
Action ā€˜gracefulā€™ failed.
The Apache error log may have more information.

(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

My web server is (include version):
Apache 2.2.32 (Unix)

The operating system my web server runs on is (include version):
Debian 9

My hosting provider, if applicable, is:
Google Cloud Compute Engine

I can login to a root shell on my machine (yes or no, or I donā€™t know): Yes

Iā€™m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if youā€™re using Certbot): certbot 0.28.0

Additional Context:
So I think I know a little of whatā€™s happening. Iā€™m using a Jetware installation which includes a second version of apache (http://jetware.io/appliances/jetware/lamp7-170503/profile )

Certbot is looking in the ā€œstandardā€ Apache folder for the running vhost, but itā€™s actually running in /jet/etc/apache

So when I shut down the ā€œstandardā€ apache, and restart with the Jetware Apache the Certificates donā€™t apply anymore.

Is there any way (and is it as simple as) pointing Certbot to look in the different apache directory to do itā€™s thing?
Or if I want to use certbot, would it be easier to just use the ā€œstandardā€ apache?

PS: Iā€™m partially comfortable with Command line but would classify myself as a n00b because Iā€™m primarily self taught.

2

There are some parameters:

apache:
  Apache Web Server plugin

  --apache-enmod APACHE_ENMOD
                        Path to the Apache 'a2enmod' binary (default: a2enmod)
  --apache-dismod APACHE_DISMOD
                        Path to the Apache 'a2dismod' binary (default:
                        a2dismod)
  --apache-le-vhost-ext APACHE_LE_VHOST_EXT
                        SSL vhost configuration extension (default: -le-
                        ssl.conf)
  --apache-server-root APACHE_SERVER_ROOT
                        Apache server root directory (default: /etc/apache2)
  --apache-vhost-root APACHE_VHOST_ROOT
                        Apache server VirtualHost configuration root (default:
                        None)
  --apache-logs-root APACHE_LOGS_ROOT
                        Apache server logs directory (default:
                        /var/log/apache2)
  --apache-challenge-location APACHE_CHALLENGE_LOCATION
                        Directory path for challenge configuration (default:
                        /etc/apache2)
  --apache-handle-modules APACHE_HANDLE_MODULES
                        Let installer handle enabling required modules for you
                        (Only Ubuntu/Debian currently) (default: True)
  --apache-handle-sites APACHE_HANDLE_SITES
                        Let installer handle enabling sites for you (Only
                        Ubuntu/Debian currently) (default: True)
  --apache-ctl APACHE_CTL
                        Full path to Apache control script (default:
                        apache2ctl)

But it can be a little fragile. An easier approach might be to use certbot certonly and manually configure your Jetware Apache server to use the certificate.

1 Like
3

It seems that the --apache plugin is unable to restart apache (gracefully) via apachectl.
I donā€™t know that I can fix thatā€¦ but there are other ways to get this to work.

  1. use webroot
    --webroot -w /path/to/document/root

  2. define a specific location for all challenge requests (using mod alias)

     LoadModule alias_module modules/mod_alias.so

     <IfModule alias_module>
           Alias /.well-known/acme-challenge/ /ACMEchallenge/
     </IfModule>

[where /ACMEchallenge/ is any folder of your choosing - but must exist and be accessible to certbot]

  1. use --standalone (not recommended - last choice)
    a. stop apache
    b. certbot certonly --standalone -d your.domains
    c. start apache
4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.