Setup LetsEncrypt in Ubuntu with Apache

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command:sudo certbot --apache -d

It produced this output:
Type: unauthorized
Detail: Invalid response from
[]: "\n\n404 Not

Not Found


To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

My web server is (include version): Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I'm not able to request a cert. I'm currently coordinating with our network folks whether ports 80 and 443 is enabled. Though I did test by browsing the URL and works on http but not on https. Not sure if this should be accessible even without a certificate on a https or need to redirect http to https before it'll work?


1 Like


if you use --apache and if you have that result, normally, Certbot doesn't understand your Apache.

What says

apachectl -S

I'm using apache2, does that make a difference?

1 Like

No, there is no apache2ctl
Just show the output of:
apachectl -S


got this output

rhconnext@HPORTAL:~$ apachectl -S
VirtualHost configuration:
*:80 is a NameVirtualHost
default server (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost (/etc/apache2/sites-enabled/redhammer.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/"
User: name="www-data" id=33 not_used
Group: name="www-data" id=33 not_used

1 Like

This is an overlap problem.
Each name:port combination should only be used once.
[pay no attention to the upper/lower case - the names are the same]

You need to review both files and make them into only one.


In my personal opinion I would dump the "default" configuration (after viewing the contents) and move forward with the :slight_smile:

It is less ambiguous and easier to understand.
Gets rid of the overlap and makes it easier to visualise when debugging, etc.


this worked for me, after I deleted the default config, I was able to request a cert and certificate now shows on browser for https

1 Like

Excellent News! Glad it is up and working now!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.