Options-ssl-apache.conf doesn't exist

I tried to install Let’s Encrypt with certbot on Ubuntu 16 LTS. I’m running Apache. Certs were built with no issues. When adding the configuration for 443, I noticed there is an include for /etc/letsencrypt/options-ssl-apache.conf below the certificate includes. This file wasn’t added during the install process and doesn’t exist anywhere on the server. Has anybody run into this issue?

Hi @jblackz69,

What command did you run? What did you mean by “when adding the configuration for 443” — were you doing so manually for some reason?

For now, if you just need a copy of this file, it’s probably available somewhere where your Certbot is installed, or you can download a copy from

https://raw.githubusercontent.com/certbot/certbot/master/certbot-apache/certbot_apache/options-ssl-apache.conf

I ran certbot certonly --webroot --agree-tos --email me@myemail.com -d mydomain.com -d www.mydomain.com -w /var/www/html

I was following the procedure at https://www.linuxbabe.com/security/letsencrypt-webroot-tls-certificate. I manually created the site conf file because I received a prompt that stated I couldn’t do auto configuration.

I’ll check out the options-ssl-apache.conf you posted.

I’m sorry to say that the tutorial you followed didn’t really think this issue through. By using certonly, they omitted the certificate installation step, yet the sample Apache configuration file that they provided is one that assumed that the certificate installation had been performed by Certbot, in particular because of the exact problem that you ran into about the include file!

Everybody who follows that tutorial would run into exactly the trouble that you did.

If you want, we could look at the error about auto-configuration and try to figure out what went wrong, but there’s also probably nothing wrong or bad about the configuration that you’ve ended up with. (certbot renew should probably be able to use the webroot method to renew this certificate automatically in the future, although unlike methods that use the Apache installer, certbot renew won’t reload or restart the webserver for you after the certificate is renewed unless you also add a --renew-hook option to specify this behavior.)

I copied the code over from the example you provided and it’s working. I’ll take a crack at the renew cron job now. Thanks for your help, schoen!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.