My domain is: towingswanhill.com
I ran this command: sudo certbot --apache
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Could not find ssl_module; not disabling session tickets.
Plugins selected: Authenticator apache, Installer apache
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): towingswanhill.com
Requesting a certificate for towingswanhill.com
Performing the following challenges:
http-01 challenge for towingswanhill.com
Cleaning up challenges Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
My web server is (include version): Apache (Unknown Version)
The operating system my web server runs on is (include version): MacOS
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.16.0
I also ran apachectl -t -D DUMP_VHOSTS which shows the vhost on port 80, I can connect to the site for any machine and a cmd ping from another computer shows the domain and correct ip.
DUMP_VHOSTS
VirtualHost configuration:
*:80 is a NameVirtualHost
default server 180.150.45.233 (/private/etc/apache2/extra/httpd-vhosts.conf:40)
port 80 namevhost 180.150.45.233 (/private/etc/apache2/extra/httpd-vhosts.conf:40)
port 80 namevhost rosslocalmowing.com (/private/etc/apache2/extra/httpd-vhosts.conf:45)
alias www.rosslocalmowing.com
port 80 namevhost towingswanhill.com (/private/etc/apache2/extra/httpd-vhosts.conf:56)
alias www.towingswanhill.com
port 80 namevhost XXXXXXXX.com (/private/etc/apache2/extra/httpd-vhosts.conf:67)
alias www.XXXXXXXX.com
The MacOS version of Apache uses a non-standard directory structure, so you need to use parameters to tell certbot where to find things.
apache:
Apache Web Server plugin (Please note that the default values of the Apache plugin options change depending on the operating system Certbot is run on.)
--apache-enmod APACHE_ENMOD Path to the Apache 'a2enmod' binary (default: None)
--apache-dismod APACHE_DISMOD Path to the Apache 'a2dismod' binary (default: None)
I really want to get this resolved definitively because many MacOS Apache users would benefit from it. Please try the following command and let us know the output:
Hey, thanks for the reply. I entered the line as you requested, it didn't seem to work. Was there any config changes that needed to be made or any steps other then the command?
OUTPUT
% sudo certbot --apache --apache-server-root /private/etc/apache2 --apache-vhost-root /private/etc/apache2/extra --apache-challenge-location /private/etc/apache2
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Could not find ssl_module; not disabling session tickets.
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): towingswanhill.com, rosslocalmowing.com
Requesting a certificate for towingswanhill.com and rosslocalmowing.com
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
So I can do sudo certbot certonly --webroot. Then I give it the file paths for the projects? (This is for the "Input webroot" part). Considering its certonly does that mean I need to change any apache settings/configs?
PS If you cant tell I'm pretty new to this, just want to understand what's going on. Thanks for the help so far.
Each domain may have a unique document root path - answer each request accordingly.
That depends...
If HTTPS has never been enabled, then you may have to create the vhost to handle that.
Once enabled, using certonly will work as expected and only update the links to the more recent cert.
[a web server restart is reload is requires upon any certificate issuance]
I guess the trick now is testing if certbot can install the cert it obtains via --webroot.
If not, then this is more complicated than simple, and may require that you manually create the HTTPS vhost files.
The good news there is that you only need to do that once (per domain / document root).
So it seems to have worked with webroot, is there any info on how to config apache for HTTPS and I can just use the certbot renewer from the main getting started page? (Or is there a better way to auto renew)
Before we try to code this all manually let's give certbot one more go at it.
Try: certbot --apache --reinstall -d "rosslocalmowing.com,www.rosslocalmowing.com"
If that works, then also for: certbot --apache --reinstall -d "towingswanhill.com,www.towingswanhill.com"
If that fails, try showing the full output of: apachectl -S