No renewals was attempted | DigitalOcean | Ubutun 18.04 | Apache | Wordpress Website

My domain is: johnsonchong.com

I ran this command: sudo certbot renew --dry-run

It produced this output:Saving debug log to /var/log/letsencrypt/letsencrypt.log


** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

No renewals were attempted.
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)

My web server is (include version): Apache

The operating system my web server runs on is (include version): Ubunto 18.04

My hosting provider, if applicable, is:digitalocean

I can login to a root shell on my machine

I’m using mac terminal to access my machine

The version of my client is certbot 0.31.0

Basically I want to renew my ssl

I also ran the below command

sudo certbot --apache -d johnsonchong.com -d www.johnsonchong.com

Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Error while running apache2ctl configtest.

Action ‘configtest’ failed.

The Apache error log may have more information.

AH00112: Warning: DocumentRoot [/var/www/html] does not exist

AH00526: Syntax error on line 19 of /etc/apache2/sites-enabled/000-default-le-ssl.conf:

SSLCertificateFile: file ‘/etc/letsencrypt/live/johnsonchong.com/fullchain.pem’ does not exist or is empty

The apache plugin is not working; there may be problems with your existing configuration.

The error was: MisconfigurationError(“Error while running apache2ctl configtest.\nAction ‘configtest’ failed.\nThe Apache error log may have more information.\n\nAH00112: Warning: DocumentRoot [/var/www/html] does not exist\nAH00526: Syntax error on line 19 of /etc/apache2/sites-enabled/000-default-le-ssl.conf:\nSSLCertificateFile: file ‘/etc/letsencrypt/live/johnsonchong.com/fullchain.pem’ does not exist or is empty\n”,)

Hi,

Did you delete your certificate by accident?
What’s the output of sudo certbot certificates?

Thank you

No, I didn’t … I can see my certificates in etc/letsencrypt/live

also if you would visit the site johnsonchong.com you can check the certificate over there as well.

As to the output of the command sudo certbot certificates

Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log


No certs found.


One odd thing I’m noticing is that whenever I’m loggin into my server … var/html/“all the wordpress files” gets into folder html.old automatically thus causing not found error and I have to manually login to my ftp and get the files out to etc/html … any solutions for this ?

You may want to check
/etc/apache2/sites-available/000-default.conf
/etc/apache2/sites-available/000-default-le-ssl.conf

and make sure the document root is pointing to the right location, if it is wrong then edit it and restart apache( always make a backup )
the try the certbot again.

Hope that helps

Did you move to a new server?

The reason you can't renew is because the certificate you said you have is not in certbot (local)'s database. In this case, you should consider issuing a new certificate and configure that in your web server.

P.S. As @advocaite said, you also need to temporarily remove the certificate reference from your Apache virtual host, since your Apache is complaining that they can't find your certificate in the location you specified.

Thank you

ok so I checked the document root on both the .conf file and the document root is absolutely correct.

Plus this directory /etc/letsencrypt/live/ is empty and does not have the certificates I believe.

What must be my next step

Hi,

Sorry about the delay.
Basically, you’ll need to find your Apache virtual host that contains reference to this certificate, and remove the reference. Then run certbot again to obtain a certificate for this domain, update the reference in that virtual host.

I have no idea why it’s empty, but since now the fact is… There’s no certificate in certbot and you don’t hold procession of the private key, it’s better to obtain a new certificate.

Any tips on doing this ?

I’m currently running a file search on filezilla on my server for the file “fullchain.pem”

I don’t think there’s any tips…
You can point the certificate/key reference to a dummy certificate/key pair to at least start your Apache, then get the certificate.

BTW, I have this doubt, I hope you can help.

If my directory doesn;t have the certificates, the apache is not running the way it should then how come the ssl on my website is all up and running.

Plus how do I exactly create a dummy? what file extentions and name etc ?

Sorry for the noob questions but I'm learning :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.