Nginx fails now apache fails

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:cvo.org.uk

I ran this command:certbot --authenticator webroot --installer apache -d cvo.org.uk

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cvo.org.uk
Input the webroot for cvo.org.uk: (Enter ‘c’ to cancel): c
Cleaning up challenges
Every requested domain must have a webroot when using the webroot plugin.
[root@s16329623 letsencrypt]# certbot --authenticator webroot --installer apache -d cvo.org.uk
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cvo.org.uk
Input the webroot for cvo.org.uk: (Enter ‘c’ to cancel): /var/www/vhosts/cvo.org.uk/httpdocs
Waiting for verification…
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/httpd/conf/plesk.conf.d/vhosts/cvo.org.uk.conf
Redirecting vhost in /etc/httpd/conf/plesk.conf.d/vhosts/cvo.org.uk.conf to ssl vhost in /etc/httpd/conf/plesk.conf.d/vhosts/cvo.org.uk.conf
Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Unable to restart apache using [‘apachectl’, ‘graceful’]
Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Rolling back to previous server configuration…
Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Unable to restart apache using [‘apachectl’, ‘graceful’]
Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Encountered exception during recovery:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2419, in _reload
util.run_script(self.option(“restart_cmd”))
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/util.py”, line 115, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/client.py”, line 573, in enhance_config
self.installer.restart()
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2410, in restart
self._reload()
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2437, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2419, in _reload
util.run_script(self.option(“restart_cmd”))
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/util.py”, line 115, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/error_handler.py”, line 125, in _call_registered
self.funcs-1
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/client.py”, line 630, in _rollback_and_restart
self.installer.restart()
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2410, in restart
self._reload()
File “/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py”, line 2437, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address [::]:443
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

IMPORTANT NOTES:

  • An error occurred and we failed to restore your config and restart
    your server. Please post to
    https://community.letsencrypt.org/c/help with details about your
    configuration and this error you received.
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/cvo.org.uk/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/cvo.org.uk/privkey.pem
    Your cert will expire on 2020-10-05. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
    [root@s16329623 letsencrypt]# service httpd status
    httpd dead but pid file exists
    [root@s16329623 letsencrypt]# service httpd restart
    Stopping httpd: [ OK ]
    Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443
    (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
    no listening sockets available, shutting down
    Unable to open logs
    [FAILED]

My web server is (include version):apache 2/nginx/plesk11.5

The operating system my web server runs on is (include version):centos 6

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):plesk 11.5

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):1.6.0

Hi @gordy

if you use Plesk, then

  • never,
  • never,
  • never

use Certbot manual. That can’t work. Plesk has it’s own rules and has an own Letsencrypt support. Use that.

You have created a certificate via webroot. But Plesk has it’s own vHosts management, so the ports are already blocked and Certbot should never change these config files managed via Plesk.

1 Like

OK. 11.5 doesn’t support let’s encrypt and I had a problem updating so thought I’d try it manually - bad move!
So how do I get httpd back?
I’ve removed nginx to simplify things.

I get this…
service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [Tue Jul 07 21:30:44 2020] [warn] VirtualHost 87.106.253.198:7080 overlaps with VirtualHost 87.106.253.198:7080, the first has precedence, perhaps you need a NameVirtualHost directive
[Tue Jul 07 21:30:44 2020] [warn] VirtualHost 127.0.0.1:7080 overlaps with VirtualHost 127.0.0.1:7080, the first has precedence, perhaps you need a NameVirtualHost directive
(98)Address already in use: make_sock: could not bind to address [::]:443
[ OK ]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.