Setup LetsEncrypt in Ubuntu with Apache

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hportal.redhammer.io

I ran this command: sudo certbot --apache -d hportal.redhammer.io

It produced this output:
Domain: hportal.redhammer.io
Type: unauthorized
Detail: Invalid response from
http://hportal.redhammer.io/.well-known/acme-challenge/qLAvAErstwISX1MMcYU6DsICFlTtl8v5GsbVD1tYS3U
[173.227.179.203]: "\n\n404 Not
Found\n\n

Not Found

\n<p"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

My web server is (include version): Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS"

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I'm not able to request a cert. I'm currently coordinating with our network folks on whether ports 80 and 443 are enabled. I did test by browsing the URL, though, and it works on http but not on https. I'm not sure if this should be accessible on https even without a certificate, or whether I need to redirect http to https before it'll work?

Thanks
TECH-JEFF

1 Like

Hi @TECH-JEFF

If you use --apache and you have that result, normally Certbot doesn't understand your Apache.

What does this say:

apachectl -S
2 Likes

I'm using apache2, does that make a difference?

1 Like

No, there is no apache2ctl
Just show the output of:
apachectl -S

2 Likes

Got this output:

rhconnext@HPORTAL:~$ apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server HPORTAL.redhammer.io (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost HPORTAL.redhammer.io (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost hportal.redhammer.io (/etc/apache2/sites-enabled/redhammer.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33 not_used
Group: name="www-data" id=33 not_used

1 Like

This is an overlap problem.
Each name:port combination should only be used once.
[pay no attention to the upper/lower case - the names are the same]

You need to review both files and make them into only one.

2 Likes
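The overlap check described in the reply above can be automated. The following is an added example, not code from the thread or from Certbot: it reads `apachectl -S` output and reports every name:port pair claimed by more than one virtual host, comparing names case-insensitively. The function names `find_vhost_overlaps` and `sample_output` are hypothetical, and the sample lines are copied from the output posted earlier in the thread.

```shell
#!/bin/sh
# Added example: flag name-based virtual hosts that claim the same
# name:port pair in `apachectl -S` output.

# Sample input: the vhost lines posted earlier in this thread.
sample_output() {
    cat <<'EOF'
*:80 is a NameVirtualHost
    default server HPORTAL.redhammer.io (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost HPORTAL.redhammer.io (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost hportal.redhammer.io (/etc/apache2/sites-enabled/redhammer.conf:1)
EOF
}

# Reads `apachectl -S` output on stdin. Prints one OVERLAP line per
# duplicated name:port and returns 1 if any were found, 0 otherwise.
find_vhost_overlaps() {
    awk '
    # Lines of interest: port <N> namevhost <name> (<file>:<line>)
    $1 == "port" && $3 == "namevhost" {
        key = tolower($4) ":" $2      # host names are case-insensitive
        src = $5
        gsub(/[()]/, "", src)         # strip the surrounding parentheses
        count[key]++
        files[key] = files[key] (files[key] == "" ? "" : " ") src
    }
    END {
        status = 0
        for (key in count)
            if (count[key] > 1) {
                printf "OVERLAP %s defined %d times: %s\n", key, count[key], files[key]
                status = 1
            }
        exit status
    }'
}

# Demonstration on the sample; on a live host: apachectl -S | find_vhost_overlaps
sample_output | find_vhost_overlaps || true
```

The non-zero return value makes the function usable as a pre-flight check before running certbot with the --apache plugin.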

In my personal opinion I would dump the "default" configuration (after viewing the contents) and move forward with the :slight_smile:

It is less ambiguous and easier to understand.
Gets rid of the overlap and makes it easier to visualise when debugging, etc.

2 Likes

This worked for me. After I deleted the default config, I was able to request a cert, and the certificate now shows in the browser for https.

1 Like

Excellent News! Glad it is up and working now!

2 Likes
