Please fill out the fields below so we can help you better.
My domain is: gangren.team
My operating system is (include version): CentOS 7
My web server is (include version): Apache/2.4.25 (cPanel)
My hosting provider, if applicable, is: GoDaddy
I can login to a root shell on my machine (yes or no, or I don’t know): Yes (all commands are executed as root)
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, WHM & cPanel
I performed the following steps:
Create the CentOS 7 VM and configure the DNS records to point to it.
Create the account (gangren.team) in WHM.
Upload a basic index.html file and navigate to www.gangren.team to validate that I can access the site.
Log into the server and execute the following [based on the Let’s Encrypt on CentOS 7 article from Digital Ocean (https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7), with the understanding that no firewall has been setup]
sudo yum install epel-release
sudo yum install httpd mod_ssl python-certbot-apache
sudo systemctl start httpd
systemctl status httpd
curl www.gangren.team ((Note: works))
curl -k https://gangren.team ((Note: error, as seen in log))
sudo certbot --apache -d gangren.team -d www.gangren.team
This last command generates an error, as follows: certbot: command not found
After this, I tried something else, as follows:
sudo git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto --help
./letsencrypt-auto --apache -d gangren.team -d www.gangren.team
This returned an error as well, as follows:
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(‘Could not find configuration root’,)
OUTPUT FROM FIRST SET OF STEPS:
[loneadmin@cpanel-test ~]$ sudo yum install epel-release
Loaded plugins: fastestmirror, tsflags, universal-hooks
EA4 | 2.9 kB 00:00
base | 3.6 kB 00:00
epel/x86_64/metalink | 11 kB 00:00
epel | 4.3 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/2): epel/x86_64/updateinfo | 754 kB 00:00
(2/2): epel/x86_64/primary_db | 4.6 MB 00:00
Loading mirror speeds from cached hostfile
* EA4: 208.43.108.66
* base: centos.aol.com
* epel: mirror.us.leaseweb.net
* extras: centos.aol.com
* updates: mirror.netdepot.com
Package epel-release-7-9.noarch already installed and latest version
Nothing to do
[loneadmin@cpanel-test ~]$ sudo yum install httpd mod_ssl python-certbot-apache
Loaded plugins: fastestmirror, tsflags, universal-hooks
Loading mirror speeds from cached hostfile
* EA4: 208.43.108.66
* base: mirror.symnds.com
* epel: mirror.us.leaseweb.net
* extras: centos.aol.com
* updates: mirror.netdepot.com
No package httpd available.
No package mod_ssl available.
Resolving Dependencies
--> Running transaction check
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: python2-certbot = 0.11.1 for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Processing Dependency: certbot = 0.11.1 for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Processing Dependency: python-augeas for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Running transaction check
---> Package certbot.noarch 0:0.11.1-2.el7 will be installed
---> Package python-augeas.noarch 0:0.5.0-2.el7 will be installed
--> Processing Dependency: augeas-libs for package: python-augeas-0.5.0-2.el7.noarch
---> Package python2-certbot.noarch 0:0.11.1-2.el7 will be installed
--> Processing Dependency: python2-acme = 0.11.1 for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python2-dialog >= 3.3.0 for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python2-configargparse >= 0.10.0 for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python-psutil >= 2.1.0 for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python2-future for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python-zope-interface for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python-zope-component for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python-parsedatetime for package: python2-certbot-0.11.1-2.el7.noarch
--> Processing Dependency: python-mock for package: python2-certbot-0.11.1-2.el7.noarch
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Running transaction check
---> Package augeas-libs.x86_64 0:1.4.0-2.el7 will be installed
---> Package python-parsedatetime.noarch 0:1.5-3.el7 will be installed
---> Package python-psutil.x86_64 0:2.2.1-1.el7 will be installed
---> Package python-zope-component.noarch 1:4.1.0-1.el7 will be installed
--> Processing Dependency: python-zope-event for package: 1:python-zope-component-4.1.0-1.el7.noarch
---> Package python-zope-interface.x86_64 0:4.0.5-4.el7 will be installed
---> Package python2-acme.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: pyOpenSSL >= 0.13 for package: python2-acme-0.11.1-1.el7.noarch
--> Processing Dependency: pytz for package: python2-acme-0.11.1-1.el7.noarch
--> Processing Dependency: python-pyrfc3339 for package: python2-acme-0.11.1-1.el7.noarch
--> Processing Dependency: python-ndg_httpsclient for package: python2-acme-0.11.1-1.el7.noarch
--> Processing Dependency: python-cryptography for package: python2-acme-0.11.1-1.el7.noarch
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
---> Package python2-configargparse.noarch 0:0.11.0-1.el7 will be installed
---> Package python2-dialog.noarch 0:3.3.0-6.el7 will be installed
--> Processing Dependency: dialog for package: python2-dialog-3.3.0-6.el7.noarch
---> Package python2-future.noarch 0:0.16.0-2.el7 will be installed
---> Package python2-mock.noarch 0:1.0.1-9.el7 will be installed
--> Running transaction check
---> Package dialog.x86_64 0:1.2-4.20130523.el7 will be installed
---> Package pyOpenSSL.x86_64 0:0.13.1-3.el7 will be installed
---> Package python-ndg_httpsclient.noarch 0:0.3.2-1.el7 will be installed
---> Package python-zope-event.noarch 0:4.0.3-2.el7 will be installed
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
---> Package python2-cryptography.x86_64 0:1.3.1-3.el7 will be installed
--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.3.1-3.el7.x86_64
--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.3.1-3.el7.x86_64
--> Processing Dependency: python-ipaddress for package: python2-cryptography-1.3.1-3.el7.x86_64
--> Processing Dependency: python-enum34 for package: python2-cryptography-1.3.1-3.el7.x86_64
---> Package python2-pyrfc3339.noarch 0:1.0-2.el7 will be installed
---> Package pytz.noarch 0:2012d-5.el7 will be installed
--> Running transaction check
---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed
--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64
---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed
---> Package python-idna.noarch 0:2.0-1.el7 will be installed
---> Package python-ipaddress.noarch 0:1.0.16-2.el7 will be installed
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Running transaction check
---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed
--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Running transaction check
---> Package python-ply.noarch 0:3.4-10.el7 will be installed
---> Package python2-certbot-apache.noarch 0:0.11.1-1.el7 will be installed
--> Processing Dependency: mod_ssl for package: python2-certbot-apache-0.11.1-1.el7.noarch
--> Finished Dependency Resolution
Error: Package: python2-certbot-apache-0.11.1-1.el7.noarch (epel)
Requires: mod_ssl
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
[loneadmin@cpanel-test ~]$ sudo systemctl start httpd
[loneadmin@cpanel-test ~]$ systemctl status httpd
● httpd.service - Apache web server managed by cPanel EasyApache
Loaded: loaded (/etc/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2017-03-09 00:11:08 MST; 4 days ago
Main PID: 24231 (httpd)
CGroup: /system.slice/httpd.service
├─12213 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/...
├─12214 /usr/sbin/httpd -k start
├─12215 /usr/sbin/httpd -k start
├─12216 /usr/sbin/httpd -k start
├─12217 /usr/sbin/httpd -k start
├─12218 /usr/sbin/httpd -k start
├─12272 /usr/sbin/httpd -k start
└─24231 /usr/sbin/httpd -k start
[loneadmin@cpanel-test ~]$ curl www.gangren.team
<!DOCTYPE html>
<html>
<body>
<h1>My First Heading</h1>
<p>My first paragraph.</p>
</body>
</html>
[loneadmin@cpanel-test ~]$ curl -k https://gangren.team
curl: (35) SSL received a record that exceeded the maximum permissible length.
[loneadmin@cpanel-test ~]$ sudo certbot --apache -d gangren.team -d www.gangren.team
sudo: certbot: command not found
OUTPUT FROM SECOND SET OF STEPS:
[loneadmin@cpanel-test ~]$ sudo git clone https://github.com/letsencrypt/letsencrypt
Cloning into 'letsencrypt'...
remote: Counting objects: 44254, done.
remote: Compressing objects: 100% (84/84), done.
remote: Total 44254 (delta 42), reused 0 (delta 0), pack-reused 44170
Receiving objects: 100% (44254/44254), 12.97 MiB | 3.23 MiB/s, done.
Resolving deltas: 100% (31620/31620), done.
[loneadmin@cpanel-test ~]$ cd letsencrypt
[loneadmin@cpanel-test letsencrypt]$ ./letsencrypt-auto --help
Bootstrapping dependencies for RedHat-based OSes...
yum is /usr/bin/yum
Loaded plugins: fastestmirror, tsflags, universal-hooks
Loading mirror speeds from cached hostfile
* EA4: 208.43.108.66
* base: centos.aol.com
* epel: mirror.us.leaseweb.net
* extras: centos.aol.com
* updates: mirror.netdepot.com
Package gcc-4.8.5-11.el7.x86_64 already installed and latest version
Package 1:openssl-1.0.1e-60.el7_3.1.x86_64 already installed and latest version
Package 1:openssl-devel-1.0.1e-60.el7_3.1.x86_64 already installed and latest version
Package redhat-rpm-config-9.1.0-72.el7.centos.noarch already installed and latest version
Package ca-certificates-2015.2.6-73.el7.noarch already installed and latest version
Package python-2.7.5-48.el7.x86_64 already installed and latest version
Package python-devel-2.7.5-48.el7.x86_64 already installed and latest version
Package python-tools-2.7.5-48.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package augeas-libs.x86_64 0:1.4.0-2.el7 will be installed
---> Package libffi-devel.x86_64 0:3.0.13-18.el7 will be installed
---> Package python-pip.noarch 0:7.1.0-1.el7 will be obsoleted
---> Package python-virtualenv.noarch 0:1.10.1-3.el7 will be installed
---> Package python2-pip.noarch 0:8.1.2-5.el7 will be obsoleting
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
augeas-libs x86_64 1.4.0-2.el7 base 355 k
libffi-devel x86_64 3.0.13-18.el7 base 23 k
python-virtualenv noarch 1.10.1-3.el7 base 1.2 M
python2-pip noarch 8.1.2-5.el7 epel 1.7 M
replacing python-pip.noarch 7.1.0-1.el7
Transaction Summary
================================================================================
Install 4 Packages
Total download size: 3.3 M
Downloading packages:
(1/4): libffi-devel-3.0.13-18.el7.x86_64.rpm | 23 kB 00:00
(2/4): augeas-libs-1.4.0-2.el7.x86_64.rpm | 355 kB 00:00
(3/4): python-virtualenv-1.10.1-3.el7.noarch.rpm | 1.2 MB 00:00
(4/4): python2-pip-8.1.2-5.el7.noarch.rpm | 1.7 MB 00:01
--------------------------------------------------------------------------------
Total 1.9 MB/s | 3.3 MB 00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : augeas-libs-1.4.0-2.el7.x86_64 1/5
Installing : python2-pip-8.1.2-5.el7.noarch 2/5
Installing : libffi-devel-3.0.13-18.el7.x86_64 3/5
Installing : python-virtualenv-1.10.1-3.el7.noarch 4/5
Erasing : python-pip-7.1.0-1.el7.noarch 5/5
Verifying : python-virtualenv-1.10.1-3.el7.noarch 1/5
Verifying : libffi-devel-3.0.13-18.el7.x86_64 2/5
Verifying : python2-pip-8.1.2-5.el7.noarch 3/5
Verifying : augeas-libs-1.4.0-2.el7.x86_64 4/5
Verifying : python-pip-7.1.0-1.el7.noarch 5/5
Installed:
augeas-libs.x86_64 0:1.4.0-2.el7 libffi-devel.x86_64 0:3.0.13-18.el7
python-virtualenv.noarch 0:1.10.1-3.el7 python2-pip.noarch 0:8.1.2-5.el7
Replaced:
python-pip.noarch 0:7.1.0-1.el7
Complete!
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Requesting root privileges to run certbot...
/home/loneadmin/.local/share/letsencrypt/bin/letsencrypt --help
letsencrypt-auto [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
cert. The most common SUBCOMMANDS and flags are:
obtain, install, and renew certificates:
(default) run Obtain & install a cert in your current webserver
certonly Obtain or renew a cert, but do not install it
renew Renew all previously obtained certs that are near expiry
-d DOMAINS Comma-separated list of domains to obtain a cert for
--apache Use the Apache plugin for authentication & installation
--standalone Run a standalone webserver for authentication
--nginx Use the Nginx plugin for authentication & installation
--webroot Place files in a server's webroot folder for authentication
--manual Obtain certs interactively, or using shell script hooks
-n Run non-interactively
--test-cert Obtain a test cert from a staging server
--dry-run Test "renew" or "certonly" without saving any certs to disk
manage certificates:
certificates Display information about certs you have from Certbot
revoke Revoke a certificate (supply --cert-path)
delete Delete a certificate
manage your account with Let's Encrypt:
register Create a Let's Encrypt ACME account
--agree-tos Agree to the ACME server's Subscriber Agreement
-m EMAIL Email address for important account notifications
More detailed help:
-h, --help [TOPIC] print this message, or detailed help on a topic;
the available TOPICS are:
all, automation, commands, paths, security, testing, or any of the
subcommands or plugins (certonly, renew, install, register, nginx,
apache, standalone, webroot, etc.)
[loneadmin@cpanel-test letsencrypt]$ ./letsencrypt-auto --apache -d gangren.team -d www.gangren.team
Requesting root privileges to run certbot...
/home/loneadmin/.local/share/letsencrypt/bin/letsencrypt --apache -d gangren.team -d www.gangren.team
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError('Could not find configuration root',)