The apache plugin is not working; there may be problems with your existing configuration

Full error message :
The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘Unable to parse runtime variables’,)

I have Debian 7 with apache as webserver.

1 Like

Apache Tomcat (java) or Apache HTTPD © ?

HTTPD Apache

root@Website~# apachectl -V
Server version: Apache/2.2.22 (Debian)
Server built: Aug 18 2015 09:50:52
Server's Module Magic Number: 20051115:30
Server loaded: APR 1.4.6, APR-Util 1.4.1
Compiled using: APR 1.4.6, APR-Util 1.4.1
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"

Hi

Same here, i have also this Problem!
any solutions yet?

Thanks!

Have nobody a solution ?

What’s the output of the following command?

apachectl -t -D DUMP_RUN_CFG

I tested the Config already, the output is :
Syntax OK

Aha. It seems this is a known issue with Apache 2.2.

Until it’s fixed I guess you could use the webroot authentication method.

And exist a solution for this ?

There’s no solution yet for the apache plugin, but as I understand it, the other methods should work. So you could try one of those.

I tried the webroot plugin, but get the error :

Domains: WEBSITE.de, www.WEBSITE.de
Error: The server could not connect to the client for DV

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client.

Is your website publicly available? Let’s Encrypt tries to connect to your domains on port 80 from within their own network. That won’t work if you have firewall rules denying access in place or something like that. Make sure to verify you can request the challenge URL from outside your server’s network.

Yes it is, it works now.
How i can install the certificate now ?

At this point letsencrypt has created your certificate in /etc/letsencrypt/live/example.com/cert.pem, as well as your private key (privkey.pem) and a file with both your certificate and any intermediaries (fullchain.pem).

The remaining steps are independent from Let’s Encrypt, so basically any guide for installing SSL certificates on apache would work. The simplest version - and I don’t really recommend this for production - would probably be something like this:

<VirtualHost *:443>
   # ...

   SSLEngine on
   SSLCertificateFile    /etc/letsencrypt/live/example.com/cert.pem
   SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
   SSLCertificateChainFile /etc/letsencrypt/live/example.com/fullchain.pem
</VirtualHost>

Mozilla provides a more complete sample configuration here:
https://wiki.mozilla.org/Security/Server_Side_TLS#Apache

1 Like

I tries this, but i get (when i open my website) :

SSL-Verbindungsfehler (german for ssl-connection error)
ERR_SSL_PROTOCOL_ERROR

I get “syntax ok”, too .

okay im retarded i forgott “sslengine on” ^^

1 Like

@pfg

I got the same error as the original poster:

The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('Unable to parse runtime variables',)

...because I have Ubuntu 12.04 and Apache 2.2. I tried the following:

$ cd /opt/letsencrypt
$ ./letsencrypt-auto certonly --webroot -w /var/www/example.com -d www.example.com -d example.com
...
...
...
Failed authorization procedure. www.example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/dzfUn-A5zn-QICUlmadfz_L86MwKB3-rqzYhE70rTAA [199.204.46.139]: 404, example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/xTVFDe7d3s949p0fJ37v5-qwBrpY8W68th3I7PzshTA [199.204.46.139]: 404

IMPORTANT NOTES:
 - If you lose your account credentials, you can recover through
   e-mails sent to curt@______.com
 - The following 'urn:acme:error:unauthorized' errors were reported by
   the server:

   Domains: example.com, www.example.com
   Error: The client lacks sufficient authorization
 - Your account credentials have been saved in your Let's Encrypt
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Let's
   Encrypt so making regular backups of this folder is ideal.
$

No certificates seem to have been created, as shown by the following:

$ cd /etc/letsencrypt
$ ls
accounts  csr  keys  renewal

What can I try next?

Update on 2016-01-07

I entered the wrong path: /var/www/example.com

I need to enter: /var/www/example.com/public_html

Now it works.

I have this running the bitnami LAMP stack instance-generator on GCE (apache 2.4.18):

./letsencrypt-auto --apache -d domain.com
Checking for new version...
Requesting root privileges to run letsencrypt...
   sudo /home/tech/.local/share/letsencrypt/bin/letsencrypt --apache -d domain.com
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError()

For what it’s worth… I received this same error due the number of equal (=) signs in server variables. The variables were URLs which contain parameters that have equal signs in them.
Example HOME_PAGE “example.com?param1=A&param2=B
When this is dumped it looks like:
HOME_PAGE=example.com?param1=A&param2=B
Certbot seems to be having trouble parsing this.