"Unable to find cert and/or key directives" error


When trying to reissue a certificate I get an error message:

           │ Cannot find a cert or key directive in                               │
           │ /files/etc/apache2/sites-available/subdomain.conf/VirtualHost[2].        │
           │ VirtualHost was not modified                                         │

Unable to find cert and/or key directives

I’m using Apache2 on Ubuntu server 15.10, and had no problem so far with Let’s Encrypt to issue/renew certificates with my conf.
I added a new site to host, and got this message on the last site I created.
If I remove it from the list of existing web sites identified, the same error is reported on the next .conf file.

Here is the content of the subdomain.conf file

<VirtualHost *:80>
        Redirect permanent "/" "https://subdomain.mysite.tld/"

<VirtualHost *:443>
        ServerName subdomain.mysite.tld

        ErrorLog /var/log/apache2/mysite-error.log
        CustomLog /var/log/apache2/mysite-access.log combined

        ProxyPassMatch   "^/(sockjs\/.*\/websocket)$" "ws://$1"
        ProxyPass        "/" "http://localhost:8081/"
        ProxyPassReverse "/" "http://localhost:8081/"
        ProxyPreserveHost On

Do someone have a idea on what’s happening ?

You have a VirtualHost listening on port 443 without any SSL directives set. Let’s Encrypt assumes any VirtualHost listening on port 443 is already SSL-enabled and therefore must have at least the following directives:

SSLEngine on
SSLCertificateFile /path/to/cert.pem
SSLCertificateKeyFile /path/to/private.key

You can either add those directives (they’ll have to point to valid certificate and key files, though they could be self-signed) or replace it with a regular HTTP VirtualHost on port 80 and let Let’s Encrypt create a new VirtualHost with all settings.

1 Like

This worked like a charm.
I tried to configure port 443 by myself, but it’s better to delegate this to the script.

Thanks a million !

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.