:/var/www/letsencrypt# ./letsencrypt-auto --apache
Updating letsencrypt and virtual environment dependencies…
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt --apache
The apache plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘Unable to parse runtime variables’,)
wildcard NameVirtualHosts and default servers:
default:443 your_domain.com (/etc/apache2/sites-enabled/default-ssl.conf:2)
*:80 is a NameVirtualHost
default server vps-7809.fhnet.fr (/etc/apache2/sites-enabled/000-default:1)
port 80 namevhost vps-7809.fhnet.fr (/etc/apache2/sites-enabled/000-default:1)
Are you using apache 2.2 ? if so it looks as if it’s a known bug - https://github.com/letsencrypt/letsencrypt/issues/1208
according to discussion in The apache plugin is not working; there may be problems with your existing configuration other methods (other than the -apache) should still work
ok… but clearly: do you know what command should I type in ?
(I guess many people still use apache2.2): that would be great to just have the command for apache2.2 instead of trying to make tests, search, posts in forums…
What to you want to achieve ?
I’m guessing you want to obtain an SSL cert for vps-7809.fhnet.fr and www.vps-7809.fhnet.fr ? anything else ?
Infact just an HTTPs on an IP address 18.104.22.168 so I can access it with https://22.214.171.124
Eh, why did you put LE inside your webdir?
I can't think of any reason why you would want it there.
According to this Certificate for public IP without domain name Let’s Encrypt is not issuing SSL certificates for IP addresses
You can not have aN LE certificate for an IP address, it needs to be a domain name.
On: now new problems
> ./letsencrypt-auto certonly --standalone -d nextechanisme.com -d www.nextechangisme.com
Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt certonly --standalone -d nextechanisme.com -d www.nextechangisme.com
Failed authorization procedure. nextechanisme.com (http-01): urn:acme:error:connection :: The server could not connect to the client for DV :: Server failure at resolver
Any idea ?
Do you own nextechangisme.com? if so you need to point the domain to your server, as it’s currently hosted elsewhere.
LE is checking that you own the domain before it issues a certificate, hence it expects the domain to be on the server you are asking for an SSL certificate for.
yes I own it and it is hosted on the SAME server where I try to run that command: 126.96.36.199
I am running that SSH command from 188.8.131.52 where nextechangisme.com is hosted
root@ns333468:/letsencrypt# dig nextechangisme.com
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> nextechangisme.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65152
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;nextechangisme.com. IN A
;; ANSWER SECTION:
nextechangisme.com. 3366 IN A 184.108.40.206
;; AUTHORITY SECTION:
nextechangisme.com. 55564 IN NS ns110.ovh.net.
nextechangisme.com. 55564 IN NS dns110.ovh.net.
How does LE makes that check : how does LE check I own the domain name ?
Have you read the documentation and the overview of how it works - https://letsencrypt.org/howitworks/technology/ ?
for the method you are using ( default) it needs to place code within a specific place on your webserver ( in .well-known/acme-challenge folder ) that it then checks - so confirm that you have control on that domain.
ok, any idea why it just does not work ?
I am on the nextechangisme.com server with SSH, type in the right command and … nothing.
Still did not find the solution to my problem.
I am fighting for 2 hours to make it work on apache2.2
I guess many people are using apache2.2 so… why not to publish a step/step guide for apache2.2 ?
Yeah, you mistyped your domain: it's missing a
g in this post.
I feel so ashamed
Forgive me for that : it works !
Last (stupid) question: once I got that certificate: what is the next step ?
As you are doing a non-automatic configuration, you should edit the Apache configuration file of your HTTPS (virtual)host yourself. You should set the following settings:
And reload your Apache ofcourse
Thanks you so much for your great help !