I’m actually testing certbot on a test server (I’m a real noob with webserver in general) but when I run certbot I have the following error:
“Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.”
My domain is: apache.labo.jacquemin.eu
I ran this command: sudo /usr/local/bin/certbot-auto --apache
It produced this output:
Plugins selected: Authenticator apache, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter ‘c’ to cancel): apache.labo.jacquemin.eu
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for apache.labo.jacquemin.eu
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
My web server is (include version): httpd-2.4.37-12.
The operating system my web server runs on is (include version): CentOS Linux release 8.0.1905 (Core)
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.40.1
My domaine is reachable (default apache page) on both http and https (self signed) the vhost is configured like this:
yeah it’s working because it’s still the default vhost when you reach port 80 on the server.
By changing the folder name I have now an issue when restarting the service:
Dec 01 10:49:39 apache.labo.jacquemin.eu setroubleshoot: SELinux is preventing /usr/sbin/httpd from write access on the directory apache.labo.jacquemin.eu. For complete SELinux messages run: sealert ->
Dec 01 10:49:39 apache.labo.jacquemin.eu platform-python: SELinux is preventing /usr/sbin/httpd from write access on the directory apache.labo.jacquemin.eu.
If you believe that httpd should be allowed write access on the apache.labo.jacquemin.eu directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
allow this access for now by executing: