Problem in the virtual host definition file?

My domain is: sao.virtualsolar.org

I ran this command:
[root@kurasuta-0-0 bin]# /usr/local/bin/certbot-auto --apache

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('There has been an error in parsing the file /etc/httpd/vhosts.d/sao.virtualsolar.org-le-ssl.conf on line 247: Syntax error',)
[root@kurasuta-0-0 bin]#

My web server is (include version): Apache

httpd -v

Server version: Apache/2.2.15 (Unix)
Server built: Jun 19 2018 15:45:13
The operating system my web server runs on is (include version): CentOS release 6.9 (Final)
My hosting provider, if applicable, is: None.
I can login to a root shell on my machine (yes or no, or I don't know): Yes.
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
[root@kurasuta-0-0 vhosts.d]# certbot-auto --version
certbot 1.8.0

Line 247 of said file appears to be the last line of the file and merely says:
</VirtualHost>
The log file is short enough that I've included it below.

[root@kurasuta-0-0 letsencrypt]# more letsencrypt.log
2020-09-18 12:14:12,876:DEBUG:certbot._internal.main:certbot version: 1.8.0
2020-09-18 12:14:12,879:DEBUG:certbot._internal.main:Arguments:
2020-09-18 12:14:12,880:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-09-18 12:14:12,914:DEBUG:certbot._internal.log:Root logging level set at 20
2020-09-18 12:14:12,916:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-09-18 12:14:12,969:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x7efe90eddb00> and installer <certbot._internal.cli.cli_utils._Default object at 0x7efe90eddb00>
2020-09-18 12:14:13,021:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): ocsp.int-x3.letsencrypt.org:80
2020-09-18 12:14:18,152:DEBUG:urllib3.connectionpool:http://ocsp.int-x3.letsencrypt.org:80 "POST / HTTP/1.1" 200 527
2020-09-18 12:14:18,154:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/sao.virtualsolar.org/cert1.pem is signed by the certificate's issuer.

2 Likes

Could you post the full /etc/httpd/vhosts.d/sao.virtualsolar.org-le-ssl.conf file and also:

sudo apachectl configtest

This might possibly be https://github.com/certbot/certbot/issues/8224.

3 Likes

If there are any "include" statements, then the line 247 (shown) may not be the 247th line "in the file".

3 Likes

as requested:
[root@kurasuta-0-0 vhosts.d]# more sao.virtualsolar.org-le-ssl.conf

##
## SSL Virtual Host Context
##

<IfModule mod_ssl.c>
 
<VirtualHost _default_:443>
    ServerName sao.virtualsolar.org
    DocumentRoot "/var/www/html"
    <Directory /var/www/html>
        Options Indexes FollowSymLinks Includes
        #Options Indexes FollowSymLinks
        AllowOverride none
# Apache 2.2	
	Allow from all
# Apache 2.4	
#	Require all granted
    </Directory>
    ErrorLog logs/sao_virtualsolar_ssl_error_log
    TransferLog logs/sao_virtual_ssl_access_log
    LogLevel warn
    <IfModule mpm_itk_module>
    #AssignUserId www-data www-data
       AssignUserId www-data apache
    </IfModule>

#	<IfModule mod_security2.c>
#    	    SecWebAppId "kurasuta-0-0-dmz.cfa.harvard.edu"
#    	    CustomLog logs/modsec_custom_log \
#    	    "%h %l %u %t \"%r\" %>s %b %{mod_security-message}i" \
#    	    env=mod_security-relevant
#    	</IfModule>

    LDAPTrustedMode SSL

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
    SSLEngine on

    SSLProxyEngine On

#SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
    SSLProtocol all -SSLv2

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

#   Server Certificate:
#   Point SSLCertificateFile at a PEM encoded certificate.  If
#   the certificate is encrypted, then you will be prompted for a
#   pass phrase.  Note that a kill -HUP will prompt again.  Keep
#   in mind that if you have both an RSA and a DSA certificate you
#   can configure both in parallel (to also allow the use of DSA
#   ciphers, etc.)
    
    SSLCertificateFile /etc/letsencrypt/live/sao.virtualsolar.org/cert.pem

	#   Server Private Key:
	#   If the key is not combined with the certificate, use this
	#   directive to point at the key file.  Keep in mind that if
	#   you've both a RSA and a DSA private key you can configure
	#   both in parallel (to also allow the use of DSA ciphers, etc.)
    SSLCertificateKeyFile /etc/letsencrypt/live/sao.virtualsolar.org/privkey.pem

	#   Server Certificate Chain:
	#   Point SSLCertificateChainFile at a file containing the
	#   concatenation of PEM encoded CA certificates which form the
	#   certificate chain for the server certificate. Alternatively
	#   the referenced file can be the same as SSLCertificateFile
	#   when the CA certificates are directly appended to the server
	#   certificate for convinience.
    SSLCertificateChainFile /etc/letsencrypt/live/sao.virtualsolar.org/chain.pem

	#   Certificate Authority (CA):
	#   Set the CA certificate verification path where to find CA
	#   certificates for client authentication or alternatively one
	#   huge file containing all of them (file must be PEM encoded)
	#   Note: Inside SSLCACertificatePath you need hash symlinks
	#         to point to the certificate files. Use the provided
	#         Makefile to update the hash symlinks after changes.
	#SSLCACertificatePath /etc/apache2/ssl.crt
	#SSLCACertificateFile /etc/pki/tls/interm/kurasuta-0-0_cfa_harvard_edu_interm.cer
        #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

	#   Certificate Revocation Lists (CRL):
	#   Set the CA revocation path where to find CA CRLs for client
	#   authentication or alternatively one huge file containing all
	#   of them (file must be PEM encoded)
	#   Note: Inside SSLCARevocationPath you need hash symlinks
	#         to point to the certificate files. Use the provided
	#         Makefile to update the hash symlinks after changes.
	#SSLCARevocationPath /etc/apache2/ssl.crl
	#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

	#   Client Authentication (Type):
	#   Client certificate verification type and depth.  Types are
	#   none, optional, require and optional_no_ca.  Depth is a
	#   number which specifies how deeply to verify the certificate
	#   issuer chain before deciding the certificate is not valid.
	#SSLVerifyClient require
	#SSLVerifyDepth  10

        # Limit (in bytes) on maximum size of an XML-based request body. A value of 0 will disable any checking.
        LimitXMLRequestBody 0

        #Include conf.d/*.conf
        #Include conf.d/subversion.conf
        #Include conf.d/trac.conf
	#Include conf.d/phpMyAdmin.conf
	#Include conf.d/mailman.conf

        Include alias.d/www-*.conf

	#   Access Control:
	#   With SSLRequire you can do per-directory access control based
	#   on arbitrary complex boolean expressions containing server
	#   variable checks and other lookup directives.  The syntax is a
	#   mixture between C and Perl.  See the mod_ssl documentation
	#   for more details.
	#<Location />
	#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
	#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
	#            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
	#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
	#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
	#           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
	#</Location>

	#   SSL Engine Options:
	#   Set various options for the SSL engine.
	#   o FakeBasicAuth:
	#     Translate the client X.509 into a Basic Authorisation.  This means that
	#     the standard Auth/DBMAuth methods can be used for access control.  The
	#     user name is the `one line' version of the client's X.509 certificate.
	#     Note that no password is obtained from the user. Every entry in the user
	#     file needs this password: `xxj31ZMTZzkVA'.
	#   o ExportCertData:
	#     This exports two additional environment variables: SSL_CLIENT_CERT and
	#     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
	#     server (always existing) and the client (only existing when client
	#     authentication is used). This can be used to import the certificates
	#     into CGI scripts.
	#   o StdEnvVars:
	#     This exports the standard SSL/TLS related `SSL_*' environment variables.
	#     Per default this exportation is switched off for performance reasons,
	#     because the extraction step is an expensive operation and is usually
	#     useless for serving static content. So one usually enables the
	#     exportation for CGI and SSI requests only.
	#   o CompatEnvVars:
	#     This exports obsolete environment variables for backward compatibility
	#     to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
	#     to provide compatibility to existing CGI scripts.
	#   o StrictRequire:
	#     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
	#     under a "Satisfy any" situation, i.e. when it applies access is denied
	#     and no other module can change it.
	#   o OptRenegotiate:
	#     This enables optimized SSL connection renegotiation handling when SSL
	#     directives are used in per-directory context. 
	#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/var/www/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>

#        <IfModule mod_userdir.c>
#            UserDir /var/www/personal/*/public_html
#            UserDir disable root

#            <Directory /var/www/personal/*/public_html>
#                AllowOverride None
#                Options MultiViews Indexes SymLinksIfOwnerMatch Includes
#                <Limit GET POST OPTIONS>
#                    Order allow,deny
#                    Allow from all
#                </Limit>
#                <LimitExcept GET POST OPTIONS>
#                    Order deny,allow
#                    Deny from all
#                </LimitExcept>

#                <IfModule mod_php5.c>
#                    php_admin_flag engine off
#                </IfModule>
#                <IfModule mod_php4.c>
#                   php_admin_flag engine off
#                </IfModule>
#                <IfModule mod_suphp.c>
#                  suPHP_Engine Off
#                </IfModule>
#            </Directory>

#            ScriptAliasMatch ^/~([^/]*)/cgi-bin/(.*) /var/www/personal/$1/public_html/cgi-bin/$2
#            <Directory /var/www/personal/*/public_html/cgi-bin>
#                Options -ExecCGI
#                SetHandler cgi-script
#                AllowOverride None
#                Order deny,allow
#                Deny from all
#            </Directory>
#        </IfModule>

	#   SSL Protocol Adjustments:
	#   The safe and default but still SSL/TLS standard compliant shutdown
	#   approach is that mod_ssl sends the close notify alert but doesn't wait for
	#   the close notify alert from client. When you need a different shutdown
	#   approach you can use one of the following variables:
	#   o ssl-unclean-shutdown:
	#     This forces an unclean shutdown when the connection is closed, i.e. no
	#     SSL close notify alert is send or allowed to received.  This violates
	#     the SSL/TLS standard but is needed for some brain-dead browsers. Use
	#     this when you receive I/O errors because of the standard approach where
	#     mod_ssl sends the close notify alert.
	#   o ssl-accurate-shutdown:
	#     This forces an accurate shutdown when the connection is closed, i.e. a
	#     SSL close notify alert is send and mod_ssl waits for the close notify
	#     alert of the client. This is 100% SSL/TLS standard compliant, but in
	#     practice often causes hanging connections with brain-dead browsers. Use
	#     this only for browsers where you know that their SSL implementation
	#     works correctly. 
	#   Notice: Most problems of broken clients are also related to the HTTP
	#   keep-alive facility, so you usually additionally want to disable
	#   keep-alive for those clients, too. Use variable "nokeepalive" for this.
	#   Similarly, one has to force some clients to use HTTP/1.0 to workaround
	#   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
	#   "force-response-1.0" for this.
        SetEnvIf User-Agent ".*MSIE.*" \
                 nokeepalive ssl-unclean-shutdown \
                 downgrade-1.0 force-response-1.0

	#   Per-Server Logging:
	#   The home of a custom SSL log file. Use this when you want a
	#   compact non-error SSL logfile on a virtual host basis.
	#        CustomLog logs/ssl_request_log \
	#                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


</VirtualHost>                                  

1 Like

Line 116:

        Include alias.d/www-*.conf

Lines 5-7:

<IfModule mod_ssl.c>
 
<VirtualHost _default_:443>

Line 244:

</VirtualHost>                                  

As posted, this file seems to be missing the "end" to the initial IfModule block.

1 Like

so I need a line that says what,
</IfModule> or
</IfModule mod_ssl.c> or
something like that, and it should probably go on the line just above the
</VirtualHost> line?

1 Like

Yes, and no, the file needs:
</IfModule>
after
</VirtualHost>

2 Likes

Ok, I will try that and let you know. Thank you for your time.

2 Likes

Here is the 100 foot view of your file:

<IfModule ...>
  <VirtualHost ...>
    <Directory>
    </Directory>
    <IfModule ...>
    </IfModule>
    Include alias.d/www-*.conf
    <Files ...>
    </Files>
    <Directory ...>
    </Directory>
  </VirtualHost>
</IfModule>       <<<<< M I S S I N G
2 Likes
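
The nesting check the replies above carry out by eye, as an added example that is not part of the original thread or of certbot: a small Python checker that reports Apache sections left open or closed out of order. The sample configurations are constructed (condensed from the structure of the posted file), and `check_sections` is a hypothetical helper name.

```python
def check_sections(text):
    """Return [(line_no, message)] for Apache <Section> blocks that do not nest."""
    problems, stack = [], []      # stack holds (name, line_no, tag_text)
    pending, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        if not pending:
            start = no            # first physical line of this logical line
        line = pending + raw.strip()
        if line.endswith("\\"):   # join continuation lines before anything else
            pending = line[:-1] + " "
            continue
        pending = ""
        line = line.strip()
        # Skip comments (including commented-out sections) and plain directives.
        if line.startswith("#") or not (line.startswith("<") and line.endswith(">")):
            continue
        body = line[1:-1].strip()
        closing = body.startswith("/")
        words = body.lstrip("/").split()
        name = words[0].lower() if words else ""   # section names are case-insensitive
        if not closing:
            stack.append((name, start, line))
            continue
        # Closing tag: find the nearest open section with the same name.
        idx = next((i for i in reversed(range(len(stack))) if stack[i][0] == name), None)
        if idx is None:
            problems.append((start, f"{line} has no matching opening tag"))
            continue
        for _, open_no, open_tag in stack[idx + 1:]:
            problems.append((open_no, f"{open_tag} is not closed before {line} on line {start}"))
        del stack[idx:]
    for _, open_no, open_tag in stack:
        problems.append((open_no, f"{open_tag} opened on line {open_no} is never closed"))
    return sorted(problems)


# Constructed sample: same shape as the posted vhost file, final </IfModule> missing.
BROKEN = r"""<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerName sao.virtualsolar.org
    <Directory /var/www/html>
        AllowOverride none
    </Directory>
    <IfModule mpm_itk_module>
        AssignUserId www-data apache
    </IfModule>
    #<Location />
    #</Location>
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>
    SetEnvIf User-Agent ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown
</VirtualHost>
"""

# The fix given in the thread: </IfModule> after </VirtualHost>.
FIXED = BROKEN + "</IfModule>\n"

# The placement first proposed in the thread: </IfModule> above </VirtualHost>.
MISPLACED = BROKEN.replace("</VirtualHost>", "</IfModule>\n</VirtualHost>")

if __name__ == "__main__":
    for label, conf in (("broken", BROKEN), ("fixed", FIXED), ("misplaced", MISPLACED)):
        print(label)
        for line_no, message in check_sections(conf) or [(0, "sections balance")]:
            print(f"  line {line_no}: {message}")
```

The reported line is where the unclosed section opens, which is more useful than the end-of-file line number in the parser error. The checker reads one file and does not follow `Include` directives.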

Well, we're getting further along. I'm at least getting into the menus, but it seems the httpd doesn't want to start now. Lovely.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: aia.cfa.harvard.edu
2: helio.cfa.harvard.edu
3: hinode5.cfa.harvard.edu
4: kurasuta.cfa.harvard.edu
5: kurasuta-0-0.cfa.harvard.edu
6: kurasuta-0-0-dmz.cfa.harvard.edu
7: solar-exhibits.cfa.harvard.edu
8: xrt.cfa.harvard.edu
9: sao.virtualsolar.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 9
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for sao.virtualsolar.org
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/httpd/vhosts.d/sao.virtualsolar.org-le-ssl.conf
Added an HTTP->HTTPS rewrite in addition to other RewriteRules; you may wish to check for overall consistency.
Redirecting vhost in /etc/httpd/vhosts.d/sao.virtualsolar.org.conf to ssl vhost in /etc/httpd/vhosts.d/sao.virtualsolar.org-le-ssl.conf
Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Unable to restart apache using ['apachectl', 'graceful']
Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Rolling back to previous server configuration...
Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Unable to restart apache using ['apachectl', 'graceful']
Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Encountered exception during recovery: 
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2419, in _reload
    util.run_script(self.option("restart_cmd"))
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/util.py", line 115, in run_script
    raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/client.py", line 573, in enhance_config
    self.installer.restart()
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2410, in restart
    self._reload()
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2437, in _reload
    raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2419, in _reload
    util.run_script(self.option("restart_cmd"))
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/util.py", line 115, in run_script
    raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apachectl graceful.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/error_handler.py", line 125, in _call_registered
    self.funcs[-1]()
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/_internal/client.py", line 630, in _rollback_and_restart
    self.installer.restart()
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2410, in restart
    self._reload()
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot_apache/_internal/configurator.py", line 2437, in _reload
    raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Error while running apachectl restart.
httpd not running, trying to start

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs


IMPORTANT NOTES:
 - An error occurred and we failed to restore your config and restart
   your server. Please post to
   https://community.letsencrypt.org/c/help with details about your
   configuration and this error you received.
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/sao.virtualsolar.org/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/sao.virtualsolar.org/privkey.pem
   Your cert will expire on 2020-12-28. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again with the "certonly" option. To non-interactively renew *all*
   of your certificates, run "certbot-auto renew"

[root@kurasuta-0-0 vhosts.d]#

1 Like

Please show the output of:
sudo apachectl configtest
sudo apachectl -S

[root@kurasuta-0-0 conf.d]# apachectl configtest
Syntax OK
[root@kurasuta-0-0 conf.d]# apachectl -S
VirtualHost configuration:
wildcard NameVirtualHosts and default servers:
*:443 is a NameVirtualHost
default server kurasuta.cfa.harvard.edu (/etc/httpd/vhosts.d/0www-secure.conf:29)
port 443 namevhost kurasuta.cfa.harvard.edu (/etc/httpd/vhosts.d/0www-secure.conf:29)
port 443 namevhost aia.cfa.harvard.edu (/etc/httpd/vhosts.d/aia.cfa.harvard.edu-secure.conf:28)
port 443 namevhost hinode5.cfa.harvard.edu (/etc/httpd/vhosts.d/hinode5.cfa.harvard.edu-secure.conf:29)
port 443 namevhost sao.virtualsolar.org (/etc/httpd/vhosts.d/sao.virtualsolar.org-le-ssl.conf:8)
port 443 namevhost solar-exhibits.cfa.harvard.edu (/etc/httpd/vhosts.d/solar-exhibits.cfa.harvard.edu-secure.conf:29)
port 443 namevhost xrt.cfa.harvard.edu (/etc/httpd/vhosts.d/xrt.cfa.harvard.edu-secure.conf:28)
*:80 is a NameVirtualHost
default server kurasuta-0-0-dmz.cfa.harvard.edu (/etc/httpd/vhosts.d/0www-public.conf:12)
port 80 namevhost kurasuta-0-0-dmz.cfa.harvard.edu (/etc/httpd/vhosts.d/0www-public.conf:12)
port 80 namevhost aia.cfa.harvard.edu (/etc/httpd/vhosts.d/aia.cfa.harvard.edu-public.conf:12)
port 80 namevhost hinode5.cfa.harvard.edu (/etc/httpd/vhosts.d/hinode5.cfa.harvard.edu-public.conf:13)
port 80 namevhost sao.virtualsolar.org (/etc/httpd/vhosts.d/sao.virtualsolar.org.conf:2)
port 80 namevhost solar-exhibits.cfa.harvard.edu (/etc/httpd/vhosts.d/solar-exhibits.cfa.harvard.edu-public.conf:14)
port 80 namevhost xrt.cfa.harvard.edu (/etc/httpd/vhosts.d/xrt.cfa.harvard.edu-public.conf:12)
Syntax OK

Well that all looks good.

Did you get it started?
Are there any error messages?

I tried to get it running a couple different ways:

[root@kurasuta-0-0 conf.d]# httpd -k restart
httpd not running, trying to start
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
[root@kurasuta-0-0 conf.d]# /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
                                                           [FAILED]

But failed in both cases. Googling the error, I found suggestions to rename /etc/httpd/ssl.conf to
/etc/httpd/ssl.conf.bak

But I'm worried that that might break ssl for the 4 or 5 OTHER websites on this server that DON'T use letsencrypt. IDK.

I would check to see what is now listening to 80 and 443 first.
[before changing anything]

Try:
sudo netstat -pant | grep -i listen | grep -E ':80|:443'

Also, are any of the secure sites now working?

1 Like

It looks like the server has been restarted but it really lacks a basic secure configuration.
See: https://www.ssllabs.com/ssltest/analyze.html?d=helio.cfa.harvard.edu


1 Like

With httpd not starting, it appears all of my sites on this host are down now.

[root@kurasuta-0-0 conf.d]# netstat -pant | grep -i listen | grep -E ':80|:443'
[root@kurasuta-0-0 conf.d]#

helio isn't one of the sites on this server. It's hosted elsewhere.

Also, I tried renaming /etc/httpd/conf/ssl.conf but httpd still refused to start because its conf told it to expect that file.

Name:    kurasuta-0-0-dmz.cfa.harvard.edu
Address:  131.142.18.202
Aliases:  helio.cfa.harvard.edu

Name:    kurasuta-0-0-dmz.cfa.harvard.edu
Address:  131.142.18.202
Aliases:  sao.virtualsolar.org

And yet both have the same external IP...
Is there a proxy in between your system and the Internet?

1 Like