Server certificate error


#1

Hello

I have a Problem at a Debian 7 installation (Linux 3.2.0-4-amd64 auf x86_64) with Apache Apache Version 2.2.22

Python is Version:
Python 2.7.3 (default, Mar 13 2014, 11:03:55)
[GCC 4.7.2] on linux2

If i try to install certificates installation will fail.
Can anybody help me.
Thanks
Othmar


#2

What do you tell people when they tell you “my computer doesn’t work, what do I do to fix it?” Right, you ask them for what error/misbehaviour they’re getting. You gave us exactly nothing to work with. “it will fail” is as useless of a problem description as it gets.


#3

Sorry the install log postin did not work the first time: (to many links)

root@awekassrv01:/usr/lib/letsencrypt# ./letsencrypt-auto
Bootstrapping dependencies for Debian-based OSes…
Hit http ://security.debian.org wheezy/updates Release.gpg
Hit http ://security.debian.org wheezy/updates Release
Hit http ://security.debian.org wheezy/updates/main Sources
Hit http //security.debian.org wheezy/updates/contrib Sources
Hit http //security.debian.org wheezy/updates/main amd64 Packages
Hit http ://security.debian.org wheezy/updates/contrib amd64 Packages
Hit http ://ftp.at.debian.org wheezy Release.gpg
Hit http ://security.debian.org wheezy/updates/contrib Translation-en
Hit http ://ftp.at.debian.org wheezy-updates Release.gpg
Hit http //security.debian.org wheezy/updates/main Translation-en
Hit http ://ftp.at.debian.org wheezy Release
Hit http ://ftp.at.debian.org wheezy-updates Release
Hit http ://ftp.at.debian.org wheezy/main Sources
Hit http ://ftp.at.debian.org wheezy/main amd64 Packages
Hit http ://ftp.at.debian.org wheezy/main Translation-en
Hit http ://ftp.at.debian.org wheezy-updates/main Sources
Hit http ://ftp.at.debian.org wheezy-updates/contrib Sources
Hit http ://ftp.at.debian.org wheezy-updates/main amd64 Packages/DiffIndex
Hit http ://ftp.at.debian.org wheezy-updates/contrib amd64 Packages
Hit http ://ftp.at.debian.org wheezy-updates/contrib Translation-en
Hit http ://ftp.at.debian.org wheezy-updates/main Translation-en
Reading package lists… Done
E: No packages found
Reading package lists… Done
Building dependency tree
Reading state information… Done
libaugeas0 is already the newest version.
ca-certificates is already the newest version.
dialog is already the newest version.
gcc is already the newest version.
git is already the newest version.
libffi-dev is already the newest version.
python is already the newest version.
python-dev is already the newest version.
python-virtualenv is already the newest version.
libssl-dev is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
Creating virtual environment…
Updating letsencrypt and virtual environment dependencies…/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https ://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
./root/.local/share/letsencrypt/local/lib/python2.7/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https ://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
.
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt
No installers seem to be present and working on your system; fix that or try running letsencrypt with the “certonly” command


#4

Sorry but Logfile posting did not work (to many links)
Here is the log:

root@srv01:/usr/lib/letsencrypt# ./letsencrypt-auto
Bootstrapping dependencies for Debian-based OSes…
Hit http ://security.debian.org wheezy/updates Release.gpg
Hit http ://security.debian.org wheezy/updates Release
Hit http ://security.debian.org wheezy/updates/main Sources
Hit http ://security.debian.org wheezy/updates/contrib Sources
Hit http ://security.debian.org wheezy/updates/main amd64 Packages
Hit http ://security.debian.org wheezy/updates/contrib amd64 Packages
Hit http ://ftp.at.debian.org wheezy Release.gpg
Hit http ://security.debian.org wheezy/updates/contrib Translation-en
Hit http ://ftp.at.debian.org wheezy-updates Release.gpg
Hit http ://security.debian.org wheezy/updates/main Translation-en
Hit http ://ftp.at.debian.org wheezy Release
Hit http ://ftp.at.debian.org wheezy-updates Release
Hit http ://ftp.at.debian.org wheezy/main Sources
Hit http ://ftp.at.debian.org wheezy/main amd64 Packages
Hit http ://ftp.at.debian.org wheezy/main Translation-en
Hit http ://ftp.at.debian.org wheezy-updates/main Sources
Hit http ://ftp.at.debian.org wheezy-updates/contrib Sources
Hit http ://ftp.at.debian.org wheezy-updates/main amd64 Packages/DiffIndex
Hit http ://ftp.at.debian.org wheezy-updates/contrib amd64 Packages
Hit http ://ftp.at.debian.org wheezy-updates/contrib Translation-en
Hit http ://ftp.at.debian.org wheezy-updates/main Translation-en
Reading package lists… Done
E: No packages found
Reading package lists… Done
Building dependency tree
Reading state information… Done
libaugeas0 is already the newest version.
ca-certificates is already the newest version.
dialog is already the newest version.
gcc is already the newest version.
git is already the newest version.
libffi-dev is already the newest version.
python is already the newest version.
python-dev is already the newest version.
python-virtualenv is already the newest version.
libssl-dev is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.
Creating virtual environment…
Updating letsencrypt and virtual environment dependencies…/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https ://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
./root/.local/share/letsencrypt/local/lib/python2.7/site-packages/pip/vendor/requests/packages/urllib3/util/ssl.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https ://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
.
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt
No installers seem to be present and working on your system; fix that or try running letsencrypt with the “certonly” command


#5

Sorry but if i post a Log the posting was deleted automatically. How can i add the Install Log?


#6

Here ist the log at pastebin: http://pastebin.com/W6jYgUzG

Thank you
Othmar


#7

One note: if i call script with : ./letsencrypt-auto --apache
i got following:

root@srv01:/usr/lib/letsencrypt# ./letsencrypt-auto --apache
Updating letsencrypt and virtual environment dependencies…
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt --apache
The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘Unable to parse runtime variables’,)

seems to be : https://github.com/letsencrypt/letsencrypt/issues/1208

apache2ctl -t -D DUMP_RUN_CFG
Syntax OK


#8

That is the debug log: http://pastebin.com/GMVRW7rU

Hope it helps

Othmar


#9

This appears to be a known issue with apache 2.2. I would recommend using the webroot plugin and manually configuring apache until the issue is fixed.

See the documentation for webroot and Mozilla’s SSL guide for apache for details on how to do that.