"Please add a virtual host for port 80."

Help
41

ok undo the rewrite engine modification and add this instead:
[[[outside the VirtualHost block - above it - in the main config section]]]
<IfModule alias_module>
Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/http_challenges/
</IfModule>

[and cross your fingers - LOL]

And remove the directory: /Users/luomat/Sites/mini.luo.ma/.well-known/

And see if this can output the entire config:
sudo apache2ctl -DDUMP_CONFIG
[didn’t work for me]

regardless of outcome, this is my last post on this.
I hope it works.

42

Same error as before.

Trying to find apache2ctl on my computer.

Thanks for the help. I think I'll come back in a few months and see if the process has been improved any.

43

Your DNS settings are ok, you have a 404.

But if your test file works, you have found your correct webroot.

So use

sudo certbot -a webroot -w yourwebroot -d mini.luo.ma -i apache

so Certbot doesn't create any own redirects.

https://certbot.eff.org/docs/using.html

3 Likes
44

Oh! I think that worked! (Mostly automatically.)

At the end of the output, it said:

Created an SSL vhost at /private/etc/apache2/httpd-le-ssl.conf
Cannot find an SSLCertificateFile directive in /files/private/etc/apache2/httpd-le-ssl.conf/IfModule/VirtualHost. VirtualHost was not modified
Unable to find an SSLCertificateFile directive

¹ (Note: Full output of the command is at the bottom of this post.)

Despite what it says, there is no file at /private/etc/apache2/httpd-le-ssl.conf.

In fact, there’s no httpd-le-ssl.conf anywhere, at least I could not find one.

However, I decided to search for the error message “Unable to find an SSLCertificateFile directive” in the docs, and found that https://certbot.eff.org/docs/install.html?highlight=sslcertificatefile said to make sure that this was enabled:

LoadModule ssl_module libexec/apache2/mod_ssl.so

That line was commented out in my /etc/apache2/httpd.conf file, so I enabled it, and restarted apache.

Then I knew that I needed to add the certificate to the Server.app in Mac OS X.

In order to even see the certificates in Finder, I needed to change permissions on two folders:

sudo chmod 755 /etc/letsencrypt/live/
sudo chmod 755 /private/etc/letsencrypt/archive/

(both had been chmod 700 before)

Then I added the privkey.pem and fullchain.pem to ‘Certificates’ in Server.app

I enabled the key and now I can connect to https://mini.luo.ma !

:dancing_men::dancing_men:

Sooo… I guess that until I need to renew my certificate, I’m all set?

Thanks to everyone for their help! I literally could not have done it without you.

¹ Here’s the full output of the command that I ran:

% sudo certbot -a webroot -w /Users/luomat/Sites/mini.luo.ma -d mini.luo.ma -i apache
Password:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mini.luo.ma
Using the webroot path /Users/luomat/Sites/mini.luo.ma for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /private/etc/apache2/httpd-le-ssl.conf
Cannot find an SSLCertificateFile directive in /files/private/etc/apache2/httpd-le-ssl.conf/IfModule/VirtualHost. VirtualHost was not modified
Unable to find an SSLCertificateFile directive

IMPORTANT NOTES:
 - Unable to install the certificate
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/mini.luo.ma/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/mini.luo.ma/privkey.pem
   Your cert will expire on 2019-01-24. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
2 Likes
45

https://httpd.apache.org/docs/2.4/vhosts/examples.html

46

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.