Renew is telling me I don't have vhost on Port 80, but I do

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: Robert-chalmers.uk

I ran this command: com.letsencrypt.renew

It produced this output:

Certificate is due for renewal, auto-renewing...
Non-interactive renewal: random delay of 354.575170335215 seconds
Could not find ssl_module; not disabling session tickets.
Plugins selected: Authenticator apache, Installer apache
Performing the following challenges:
http-01 challenge for robert-chalmers.uk
Cleaning up challenges
Failed to renew certificate robert-chalmers.uk with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
All renewals failed. The following certificates could not be renewed:

My web server is (include version): Apache
VirtualHost configuration:
*:443 robert-chalmers.uk (/usr/local/etc/httpd/extra/httpd-vhosts.conf:27)
*:80 robert-chalmers.uk (/usr/local/etc/httpd/extra/httpd-vhosts.conf:244)

The operating system my web server runs on is (include version):
M2 Mac mini

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.11.0

I don't Mac, so take this with a grain of salt...

Did you run that command with root privilege?

Yes I did.

This is what runs
/usr/local/bin/certbot --apache -v renew

From the plist file,
com.letsencrypt.renew

This has worked successfully for years, not suddenly - seemingly after some code update on Monterey, it giving the errors.
This is the full output of the log file.

Certificate is due for renewal, auto-renewing...
Non-interactive renewal: random delay of 383.5381870501708 seconds
Could not find ssl_module; not disabling session tickets.
Plugins selected: Authenticator apache, Installer apache
Performing the following challenges:
http-01 challenge for robert-chalmers.uk
Cleaning up challenges
Failed to renew certificate robert-chalmers.uk with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/robert-chalmers.uk/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Would you post the contents of that file? I am wondering if "Could not find ssl_module" is somehow impacting this.

First up, this time it kind of worked. Only one warning/error

Hand input command....

sudo /usr/local/bin/certbot --apache -v renew

Password:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/robert-chalmers.uk.conf

/usr/local/Cellar/certbot/2.11.0_1/libexec/lib/python3.12/site-packages/certbot/ocsp.py:238: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to this_update_utc.

if not response_ocsp.this_update:

/usr/local/Cellar/certbot/2.11.0_1/libexec/lib/python3.12/site-packages/certbot/ocsp.py:240: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to this_update_utc.

if response_ocsp.this_update > now + timedelta(minutes=5):

/usr/local/Cellar/certbot/2.11.0_1/libexec/lib/python3.12/site-packages/certbot/ocsp.py:242: CryptographyDeprecationWarning: Properties that return a naïve datetime object have been deprecated. Please switch to next_update_utc.

if response_ocsp.next_update and response_ocsp.next_update < now - timedelta(minutes=5):

Certificate is due for renewal, auto-renewing...

ssl_module is statically linked but --apache-bin is missing; not disabling session tickets.

Plugins selected: Authenticator apache, Installer apache

Renewing an existing certificate for robert-chalmers.uk

Performing the following challenges:

http-01 challenge for robert-chalmers.uk

Waiting for verification...

Cleaning up challenges

Reloading apache server after certificate renewal

Congratulations, all renewals succeeded:

/etc/letsencrypt/live/robert-chalmers.uk/fullchain.pem (success)

zeus:httpd Robert$

Yeah, those are just warnings.

Almost looks like a different system Glad it is working

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.