Unable to find a virtual host listening on port 80

jwhiteacre · April 1, 2021, 11:55pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: fatbob.servehttp.com

I ran this command: sudo certbot --apache certonly --apache-vhost-root /etc/apache2/extras

It produced this output:
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): fatbob.servehttp.com
Cert is due for renewal, auto-renewing...
Renewing an existing certificate for fatbob.servehttp.com
Performing the following challenges:
http-01 challenge for fatbob.servehttp.com
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

My web server is (include version): Apache version is 2.4.46

The operating system my web server runs on is (include version): Mac OS 11.2.3

My hosting provider, if applicable, is: local server

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I am pretty sure the issue is related to certbot not finding the right configs, I added some debug prints in here "./vendor/lib/python3.9/site-packages/certbot_apache/_internal/configurator.py" line 1002 of 2719

I see this

{'/etc/apache2': ['httpd.conf'], '/private/etc/apache2': ['httpd.conf'], '/private/etc/apache2/extra': ['httpd-mpm.conf', 'httpd-autoindex.conf', 'httpd-userdir.conf', 'httpd-vhosts.conf', 'httpd-ssl.conf'], '/private/etc/apache2/users': ['Guest.conf', 'jimwhiteacre.conf'], '/etc/letsencrypt': ['options-ssl-apache.conf'], '/private/etc/apache2/other': ['mpm.conf', 'php7.conf'], '/etc/apache2/extras': ['.conf']}
/etc/apache2
/files/etc/apache2//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/private/etc/apache2
/files/private/etc/apache2//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/private/etc/apache2/extra
/files/private/etc/apache2/extra//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/private/etc/apache2/users
/files/private/etc/apache2/users//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/etc/letsencrypt
/files/etc/letsencrypt//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/private/etc/apache2/other
/files/private/etc/apache2/other//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]
/etc/apache2/extras
/files/etc/apache2/extras//[label()=~regexp('[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Hh][Oo][Ss][Tt]')]

so it looks like it wants to look in /etc/apache2/extra/httpd-vhosts.conf Where I have this

<VirtualHost *:80>
ServerName "fatbob.servehttp.com"
DocumentRoot "/Users/jimwhiteacre/Sites"
CustomLog "|/usr/sbin/rotatelogs /private/var/log/apache2/fatbob-access_log 86400" combined
ErrorLog "|/usr/sbin/rotatelogs /private/var/log/apache2/fatbob-error_log 86400"

And apache believes it is there as well

sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:80 fatbob.servehttp.com (/private/etc/apache2/extra/httpd-vhosts.conf:45)
*:443 is a NameVirtualHost

So I figure it must be some option I need to pass in to have certbot find the right file

Appreciate any help

jwhiteacre · April 1, 2021, 11:56pm

Forgot certbot version

certbot --version
certbot 1.10.1

stevenzhu · April 2, 2021, 1:34am

Hi,

Which path is your virtual hosts currently on? Is it /private/etc/apache2/extra/ or /etc/apache2/extra/?

If it's the private one, you need to modify your certbot command to reflect the path. sudo certbot --apache certonly --apache-vhost-root /private//etc/apache2/extras

Thank you

jwhiteacre · April 2, 2021, 2:56pm

Yes I have tried both, on Mac those directories seemed to be linked in some manor.

jwhiteacre · April 2, 2021, 3:34pm

I think the issue is with augeas on mac as that is the python module that is used to parse the configs, There is a tool that can be run on the command line to test this out, so this works

augtool print /files/etc/apache2/httpd.conf/

but this does not parse anything

augtool print /files/etc/apache2/extra/httpd-vhosts.conf/

Found that augeas has a lens file that shows what files are loaded on mac that is here /usr/local/share/augeas/lenses/dist

And I believe this is the list of files it will actually load

let filter = (incl "/etc/apache2/apache2.conf") .
(incl "/etc/apache2/httpd.conf") .
(incl "/etc/apache2/ports.conf") .
(incl "/etc/apache2/conf.d/") .
(incl "/etc/apache2/conf-available/.conf") .
(incl "/etc/apache2/mods-available/") .
(incl "/etc/apache2/sites-available/") .
(incl "/etc/apache2/vhosts.d/.conf") .
(incl "/etc/httpd/conf.d/.conf") .
(incl "/etc/httpd/httpd.conf") .
(incl "/etc/httpd/conf/httpd.conf") .
(incl "/etc/httpd/conf.modules.d/*.conf") .

Notice /etc/apache2/extra is not part of the list. So seems I have a few options

1 Put the virtual host entry in the top level httpd.conf
2.Move my vhost config to one of the above listed directories
3.Get my cert using webroot

jwhiteacre · April 2, 2021, 4:17pm

For anyone that ends up here, this is how I ended up renewing my cert

apachectl stop
/usr/local/bin/certbot certonly --standalone
apachectl restart

system · May 2, 2021, 4:18pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.