Unable to find a virtual host listening on port 80

My domain is: pdxwater.org

I ran this command: certbot renew

It produced this output: Renewing an existing certificate for pdxwater.org
Failed to renew certificate pdxwater.org-0001 with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

My web server is (include version): apache2

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is: digitalocean.com

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): pm2

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.18.0

What's the output of:

sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:443 is a NameVirtualHost
port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)

Like the error message from Certbot suggests, you need to keep around a port 80 virtualhost. Otherwise, Certbot doesn't know how to renew the certificate.

If you used to have an /etc/apache2/sites-enabled/pdxwater.org.conf file and you disabled it or removed it, I suggest bringing it back.

Otherwise, you'll need to create a new one. Even if the only thing it does is redirect users to HTTPS, it needs to be there.

ah, ok, you are correct. It was disabled after the last reboot. I did a2ensite pdxwater.org and apachectl -k graceful and it got passed that error.

unfortunately I have a new one:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/pdxwater.org-0001/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/pdxwater.org-0001/privkey.pem
This certificate expires on 2021-11-29.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for pdxwater.org to /etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf
Failed redirect for pdxwater.org
Unable to set the redirect enhancement for pdxwater.org.

- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
  certbot install --cert-name pdxwater.org-0001

Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

It might help to post the contents of that vhost file you just enabled, and also the output of DUMP_VHOSTS again.

Here is the vhosts dump:

VirtualHost configuration:
*:443                  is a NameVirtualHost
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

and here is the contents of that file:

<VirtualHost *:80>

        ServerAdmin root@pdxwater.org
        DocumentRoot /var/www/pdxwater.org/
        ServerName pdxwater.org
        ServerAlias www.pdxwater.org

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Redirect permanent / https://pdxwater.org

        #ProxyRequests On
        #ProxyPass / https://localhost:3000/
        #ProxyPassReverse / localhost:3000/

RewriteEngine on
RewriteCond %{SERVER_NAME} =www.pdxwater.org [OR]
RewriteCond %{SERVER_NAME} =pdxwater.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

thanks again for your help so far

Hmm. I don't think you need to do anything, except maybe comment out this line, because the rewrite rules act as a better version of the redirect:

Redirect permanent / https://pdxwater.org

Although Certbot is telling you the installation failed, I think it should be safe to ignore; it shouldn't come up during future renewals.

Ok, thank you, correct again, despite the error, the certification is working and the site loads with https://pdxwater.org.

Thank you very much!

One last thing to ensure all is well going forward.
Please show the output now of:
certbot certificates

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.