I have discovered a strange conundrum. I’m using the HTTP authentication for my certificate, which sits behind a varnish cache. This means varnish is listening on port 80, while apache listens on ports 443 and 8080 (the latter redirects to 443 if accessed directly).
When trying to renew a certificate, either manually or with certbot’s automatic cron task, it fails as there’s no virtual host in apache listening on port 80. This seems like a strange limitation to me, given that I can create a new certificate just fine without certbot trying to look for port 80.
My site, as denoted below in the information sheet, does have a valid certificate at this time, as I just issued a new one, given that the expiration date had passed and it doesn’t look good to have an invalid certificate. I’m not sure if this should be filed as a bug or not on GitHub, given that the interaction between registration and renewal has different criteria.
My domain is:
I ran this command:
certbot renew
It produced this output:
Attempting to renew cert (clorith.net) from /etc/letsencrypt/renewal/clorith.net.conf produced an unexpected error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80… Skipping.
My web server is (include version):
apache2 - 2.4.18-2ubuntu3.9
varnish - 4.1.10-1~xenial
The operating system my web server runs on is (include version):
Ubuntu 16.04.5 LTS
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.28.0