Trouble with Auto Renew SSL Cert and Certbot

rg305 · October 9, 2020, 1:52am

The file shown has no defined root nor ServerName.
Which means it is using the "defaults"
Sadly someone somewhere has taught all new web server admins to name their server by the first name in the first vhost.
This couldn't be more incorrect; as seen in this example - the default now conflicts with that first vhost.
They seem to have tried to fix this by putting the cert for that name.

But that doesn't remove the overlap.

Please change the main ServerName to "whatever" in the main config file.
Restart Apache
Rerun and show us that output:
sudo apachectl -S

russmoffat · October 9, 2020, 1:52am

that directory path is not there

griffin · October 9, 2020, 1:53am

hmm... let's get this spaghetti straight, Rudy

griffin · October 9, 2020, 1:55am

I must run for now. I know you've got this Rudy.

I'll check back when I return for the congratulations.

russmoffat · October 9, 2020, 1:59am

can you please provide more info on what to change?

russmoffat · October 9, 2020, 2:32am

Sorry, I am just not following what file to change.

rg305 · October 9, 2020, 4:23am

Sorry about the delay, it seems we both stepped out at the same time.

The file that is needed is the main config file.
If you don't know which that one is, try showing:
ls -l /etc/httpd/*.conf

russmoffat · October 9, 2020, 6:07am

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using audiopress-staging.bitpress.com. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 audiopress-staging.bitpress (/etc/httpd/conf/httpd.conf:43)
*:443 is a NameVirtualHost
default server audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf/httpd-le-ssl.conf:2)
alias audiopress-staging.bitpress.com
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

rg305 · October 9, 2020, 6:13am

Please show the output of this command:
ls -l /etc/httpd/*.conf

russmoffat · October 9, 2020, 6:23am

That exact command doesn't work for me, but if I change to:

ls -l /etc/httpd/*conf

I get:

total 32
-rw-r--r-- 1 root root 12283 Oct 9 06:18 httpd.conf
-rw-r--r-- 1 root root 418 Oct 9 06:16 httpd-le-ssl.conf
-rw-r--r-- 1 root root 13064 Aug 24 18:54 magic

rg305 · October 9, 2020, 6:43am

OK please now show:
grep -i ServerName /etc/httpd/httpd.conf
or maybe it is:
grep -i ServerName /etc/httpd/conf/httpd.conf

russmoffat · October 9, 2020, 6:47am

[root@audiopress-staging conf]# grep -i ServerName /etc/httpd/conf/httpd.conf
  ServerName "audiopress-staging.bitpress.com"
# ServerName gives the name and port that the server uses to identify itself.
#ServerName audiopress-staging.bitpress.com:80

rg305 · October 9, 2020, 6:50am

Ok edit this file:

as I mentioned before:

"the main config file" is /etc/httpd/conf/httpd.conf

russmoffat · October 9, 2020, 6:51am

Ok, sorry, I have changed it and then changed it back again a few times. I will do it again now.

rg305 · October 9, 2020, 6:52am

Do not set the main server name to "audiopress-staging.bitpress.com".
That is what is causing the problem.

russmoffat · October 9, 2020, 6:55am

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using audiopress-staging.bitpress.com. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 whatever (/etc/httpd/conf/httpd.conf:43)
*:443 is a NameVirtualHost
default server audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf/httpd-le-ssl.conf:2)
alias audiopress-staging.bitpress.com
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

rg305 · October 9, 2020, 6:57am

What did you change it to?

We are not making any progress.

Set it to:
localhost.localdomain._

russmoffat · October 9, 2020, 7:08am

I changed it from:
ServerName "audiopress-staging.bitpress.com"

to
ServerName "whatever"

I will change it to:
ServerName "localhost.localdomain._"

russmoffat · October 9, 2020, 7:10am

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using audiopress-staging.bitpress.com. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 localhost.localdomain._ (/etc/httpd/conf/httpd.conf:43)
*:443 is a NameVirtualHost
default server audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost audiopress-staging.bitpress.com (/etc/httpd/conf/httpd-le-ssl.conf:2)
alias audiopress-staging.bitpress.com
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

rg305 · October 9, 2020, 7:13am

OK (that was my fault) we need one more step to make that "work".

We need to add a matching entry in file /etc/hosts
Please add to it:
127.0.0.1 localhost.localdomain._