Renewal fail (Unable to save files)

#1

Hello,

I am trying to renew a cert via http-01 challenge (certbot renew), but it keeps giving me an error that it is unable to save files:

Unable to save files: /etc/httpd/sites-enabled/customer-domains. Attempted Save Notes:
Cleaning up challenges

It produced this output:
2019-03-24 12:29:58,410:DEBUG:certbot_apache.http_01:writing a pre config file with text:
RewriteEngine on
RewriteRule ^/.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]

2019-03-24 12:29:58,410:DEBUG:certbot_apache.http_01:writing a post config file with text:
<Directory /var/lib/letsencrypt/http_challenges>
Require all granted

<Location /.well-known/acme-challenge>
Require all granted

2019-03-24 12:29:58,411:ERROR:certbot_apache.augeas_configurator:Unable to save files: /etc/httpd/sites-enabled/customer-domains. Attempted Save Notes:
2019-03-24 12:29:58,412:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/auth_handler.py”, line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File “/usr/lib/python2.7/site-packages/certbot/auth_handler.py”, line 139, in _solve_challenges
resp = self.auth.perform(all_achalls)
File “/usr/lib/python2.7/site-packages/certbot_apache/configurator.py”, line 2281, in perform
http_response = http_doer.perform()
File “/usr/lib/python2.7/site-packages/certbot_apache/http_01.py”, line 74, in perform
self.configurator.save(“HTTP Challenge”, True)
File “/usr/lib/python2.7/site-packages/certbot_apache/augeas_configurator.py”, line 144, in save
save_files = self.unsaved_files()
File “/usr/lib/python2.7/site-packages/certbot_apache/augeas_configurator.py”, line 112, in unsaved_files
“Error saving files, check logs for more info.”)
PluginError: Error saving files, check logs for more info.

My web server is (include version): Apache/2.4.6 (Centos)

The operating system my web server runs on is (include version): CentOS 7.6.810

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if
you’re using Certbot): 0.31.0

I have no idea where the problem is about the saving. I have changed /etc/httpd/sites-enabled to 777 (including all subfolders). I have changed the document root to another location where ./well-known/acme-challenge directory exists and have made the whole document root 777.

I have no clue where the file saving error is (and do not get more information) and cannot use DNS challenge since the domainname is not mine. Any idea what I could do or how to debug? I still have a month before it expires, but would like to have this solved.

Thanks in advance!

#2

Please show:
ls -l /etc/httpd/sites-enabled/
ls -l /etc/httpd/sites-available/

#3

Thanks for your reply. There is a large lists of files, but the important one I have listed here:

sites-enabled:
drwxrwxrwx 2 root root 4096 Mar 24 12:34 customer-domains

sites-available:
drwxrwxrwx 2 root root 4096 Mar 24 20:28 customer-domains

For the sites-enabled/customer-domains:
-rwxrwxrwx 1 root root 592 Mar 24 12:37 customer-001.conf
-rwxrwxrwx 1 root root 727 Mar 24 12:38 customer-001-le-ssl.conf

(I tried moving customer-domains to sites-enabled due to the problem and recreated the directory afterwards in enabled but bot did not seem to work).

#4

The problem (to me) seems to be that certbot expects to find files where you have placed a directory.

#5

I believe it was always set up this way. But I’ll delete the current certificate and will request for a new one from scratch then I think. Thanks so far.

closed #6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.