Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: kahli.net
I ran this command: Certbot auto update
It produced this output: Unable to find a virtual host listening on port 80
My web server is (include version): 2.2.15 (CentOS)
The operating system my web server runs on is (include version): Centos 6
My hosting provider, if applicable, is: Rogers
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The previous auto update by certbot would appear to use port 443 to update and this would be in the log/email
Performing the following challenges:
tls-sni-01 challenge for kahli.net
Encountered vhost ambiguity when trying to find a vhost for kahli.net but was unable to ask for user guidance in non-interactive mode. Certbot may need vhosts to be explicitly labelled with ServerName or ServerAlias directives.
Falling back to default vhost *:443…
Waiting for verification…
Cleaning up challenges
Now it seems to only use port 80 which is blocked by the ISP and results in this messages
Performing the following challenges:
http-01 challenge for kahli.net
Cleaning up challenges
Attempting to renew cert (kahli.net) from /etc/letsencrypt/renewal/kahli.net.conf produced an unexpected error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/kahli.net/fullchain.pem (failure)
How can I configure cerbot to use the https port rather than the http port? All the previous updates over port 443 happened perfectly.
Many thanks, Mike