Unable to find a virtual host listening on port 80

zeesteve1 · August 31, 2021, 9:08am

I ran this command: certbot renew

It produced this output: Renewing an existing certificate for pdxwater.org
Failed to renew certificate pdxwater.org-0001 with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

My web server is (include version): apache2

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is: digitalocean.com

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): pm2

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.18.0

_az · August 31, 2021, 9:33am

What's the output of:

sudo apachectl -t -D DUMP_VHOSTS

zeesteve1 · August 31, 2021, 9:36am

VirtualHost configuration:
*:443 is a NameVirtualHost
port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)

_az · August 31, 2021, 9:48am

Like the error message from Certbot suggests, you need to keep around a port 80 virtualhost. Otherwise, Certbot doesn't know how to renew the certificate.

If you used to have an /etc/apache2/sites-enabled/pdxwater.org.conf file and you disabled it or removed it, I suggest bringing it back.

Otherwise, you'll need to create a new one. Even if the only thing it does is redirect users to HTTPS, it needs to be there.

zeesteve1 · August 31, 2021, 10:00am

ah, ok, you are correct. It was disabled after the last reboot. I did a2ensite pdxwater.org and apachectl -k graceful and it got passed that error.

unfortunately I have a new one:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/pdxwater.org-0001/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/pdxwater.org-0001/privkey.pem
This certificate expires on 2021-11-29.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for pdxwater.org to /etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf
Failed redirect for pdxwater.org
Unable to set the redirect enhancement for pdxwater.org.

NEXT STEPS:
- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
  certbot install --cert-name pdxwater.org-0001


Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

_az · August 31, 2021, 10:13am

It might help to post the contents of that vhost file you just enabled, and also the output of DUMP_VHOSTS again.

zeesteve1 · August 31, 2021, 10:18am

Here is the vhosts dump:

VirtualHost configuration:
*:443                  is a NameVirtualHost
         port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
         port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80                   is a NameVirtualHost
         port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
                 alias www.pdxwater.org

and here is the contents of that file:

<VirtualHost *:80>

        ServerAdmin root@pdxwater.org
        DocumentRoot /var/www/pdxwater.org/
        ServerName pdxwater.org
        ServerAlias www.pdxwater.org

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Redirect permanent / https://pdxwater.org

        #ProxyRequests On
        #ProxyPass / https://localhost:3000/
        #ProxyPassReverse / localhost:3000/

RewriteEngine on
RewriteCond %{SERVER_NAME} =www.pdxwater.org [OR]
RewriteCond %{SERVER_NAME} =pdxwater.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

thanks again for your help so far

_az · August 31, 2021, 10:43am

Hmm. I don't think you need to do anything, except maybe comment out this line, because the rewrite rules act as a better version of the redirect:

Redirect permanent / https://pdxwater.org

Although Certbot is telling you the installation failed, I think it should be safe to ignore; it shouldn't come up during future renewals.

zeesteve1 · August 31, 2021, 10:50am

Ok, thank you, correct again, despite the error, the certification is working and the site loads with https://pdxwater.org.

Thank you very much!

rg305 · August 31, 2021, 12:45pm

One last thing to ensure all is well going forward.
Please show the output now of:
certbot certificates

system · September 30, 2021, 12:46pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.