Unable to install the certificate / ubuntu 14.04


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
http-01 challenge for anmtspace.com
http-01 challenge for berstlawfirm.com
http-01 challenge for bigskysun.com
http-01 challenge for billingsmakerspace.com
http-01 challenge for densontech.com
http-01 challenge for downloads.densontech.com
http-01 challenge for embeddor.com
http-01 challenge for lockwoodinternet.com
http-01 challenge for members.billingsmakerspace.com
http-01 challenge for shop.billingsmakerspace.com
http-01 challenge for store.densontech.com
http-01 challenge for store.embeddor.com
http-01 challenge for www.anmtspace.com
http-01 challenge for www.berstlawfirm.com
http-01 challenge for www.bigskysun.com
http-01 challenge for www.billingsmakerspace.com
http-01 challenge for www.densontech.com
http-01 challenge for www.embeddor.com
http-01 challenge for www.lockwoodinternet.com

I ran this command:
certbot

It produced this output:
Created an SSL vhost at /etc/apache2/sites-available/anmtspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/anmtspace.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/anmtspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/anmtspace.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/berstlawfirm.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/berstlawfirm.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/berstlawfirm.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/berstlawfirm.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/billingsmakerspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/billingsmakerspace.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/billingsmakerspace.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/members.billingsmakerspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/members.billingsmakerspace.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/members.billingsmakerspace.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/shop.billingsmakerspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/shop.billingsmakerspace.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/shop.billingsmakerspace.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/billingsmakerspace.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
Created an SSL vhost at /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
File:

  • Could not be found to be deleted /etc/apache2/sites-available/lockwoodinternet.com.vhost-le-ssl.conf - Certbot probably shut down unexpectedly
    An unexpected error occurred:
    Traceback (most recent call last):
    File “/usr/bin/certbot”, line 11, in
    load_entry_point(‘certbot==0.28.0’, ‘console_scripts’, ‘certbot’)()
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1340, in main
    return config.func(config, plugins)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1101, in run
    _install_cert(config, le_client, domains, new_lineage)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 735, in _install_cert
    path_provider.cert_path, path_provider.chain_path, path_provider.fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot/client.py”, line 498, in deploy_certificate
    fullchain_path=fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 334, in deploy_cert
    vhosts = self.choose_vhosts(domain)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 358, in choose_vhosts
    return [self.choose_vhost(domain, create_if_no_ssl)]
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 540, in choose_vhost
    vhost = self.make_vhost_ssl(vhost)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1115, in make_vhost_ssl
    self._copy_create_ssl_vhost_skeleton(nonssl_vhost, ssl_fp)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1259, in _copy_create_ssl_vhost_skeleton
    ssl_vh_contents, sift = self._sift_rewrite_rules(orig_contents)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1331, in _sift_rewrite_rules
    line = next(contents)
    StopIteration
    Please see the logfiles in /var/log/letsencrypt for more details.

IMPORTANT NOTES:

  • Unable to install the certificate
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/anmtspace.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/anmtspace.com/privkey.pem
    Your cert will expire on 2019-05-08. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-anmtspace.com.vhost were disabled in
    the vhost for your HTTPS site located at
    /etc/apache2/sites-available/anmtspace.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-berstlawfirm.com.vhost were disabled
    in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/berstlawfirm.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-bigskysun.com.vhost were disabled in
    the vhost for your HTTPS site located at
    /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-billingsmakerspace.com.vhost were
    disabled in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/billingsmakerspace.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-densontech.com.vhost were disabled
    in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-downloads.densontech.com.vhost were
    disabled in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-embeddor.com.vhost were disabled in
    the vhost for your HTTPS site located at
    /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf because
    they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-members.billingsmakerspace.com.vhost
    were disabled in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/members.billingsmakerspace.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.
  • Some rewrite rules copied from
    /etc/apache2/sites-enabled/100-shop.billingsmakerspace.com.vhost
    were disabled in the vhost for your HTTPS site located at
    /etc/apache2/sites-available/shop.billingsmakerspace.com.vhost-le-ssl.conf
    because they have the potential to create redirection loops.

My web server is (include version):
apache2 2.4.7-1ubuntu4.21

The operating system my web server runs on is (include version):
ubuntu 14.04

My hosting provider, if applicable, is:
n/a

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
yes, ispconfig

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.28.0

I’ve scoured google for matching results but nothing I’ve found works. already ran a2enmod ssl, already enabled.

This jumps out:
File:

  • Could not be found to be deleted /etc/apache2/sites-available/lockwoodinternet.com.vhost-le-ssl.conf - Certbot probably shut down unexpectedly
    An unexpected error occurred:

and that file doesn’t exist. I did remove all the *ssl.conf, the entire /etc/letsencrypt, and all the ssl links in sites-enabled. Right now, only my http vhosts are in site-available and sites-enabled.

The logging that shows the https files such as Created an SSL vhost at /etc/apache2/sites-available/bigskysun.com.vhost-le-ssl.conf aren’t actually doing that.

Here are what I believe are the relevant lines from the letsencrypt log
2019-02-07 10:33:04,534:DEBUG:certbot.reporter:Reporting to user: Some rewrite rules copied from /etc/apache2/sites-enabled/100-downloads.densontech.com.vhost were disabled in the vhost for your HTTPS site located at /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf because they have the potential to create redirection loops.
2019-02-07 10:33:04,550:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
2019-02-07 10:33:04,567:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
2019-02-07 10:33:05,223:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
2019-02-07 10:33:05,224:INFO:certbot_apache.override_debian:Enabling available site: /etc/apache2/sites-available/downloads.densontech.com.vhost-le-ssl.conf
2019-02-07 10:33:05,383:DEBUG:certbot.reporter:Reporting to user: Some rewrite rules copied from /etc/apache2/sites-enabled/100-embeddor.com.vhost were disabled in the vhost for your HTTPS site located at /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf because they have the potential to create redirection loops.
2019-02-07 10:33:05,403:INFO:certbot_apache.configurator:Created an SSL vhost at /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:05,424:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:06,114:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:06,115:INFO:certbot_apache.override_debian:Enabling available site: /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:07,442:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/densontech.com.vhost-le-ssl.conf
2019-02-07 10:33:08,772:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:10,158:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:11,513:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/apache2/sites-available/embeddor.com.vhost-le-ssl.conf
2019-02-07 10:33:11,665:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/certbot/client.py”, line 498, in deploy_certificate
fullchain_path=fullchain_path)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 334, in deploy_cert
vhosts = self.choose_vhosts(domain)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 358, in choose_vhosts
return [self.choose_vhost(domain, create_if_no_ssl)]
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 540, in choose_vhost
vhost = self.make_vhost_ssl(vhost)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1115, in make_vhost_ssl
self._copy_create_ssl_vhost_skeleton(nonssl_vhost, ssl_fp)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1259, in _copy_create_ssl_vhost_skeleton
ssl_vh_contents, sift = self._sift_rewrite_rules(orig_contents)
File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1331, in _sift_rewrite_rules
line = next(contents)
StopIteration

2019-02-07 10:33:11,666:DEBUG:certbot.error_handler:Calling registered functions
2019-02-07 10:33:11,671:WARNING:certbot.reverter:File:

  • Could not be found to be deleted /etc/apache2/sites-available/lockwoodinternet.com.vhost-le-ssl.conf - Certbot probably shut down unexpectedly
    2019-02-07 10:33:11,675:DEBUG:certbot.reporter:Reporting to user: Unable to install the certificate
    2019-02-07 10:33:11,676:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
    File “/usr/bin/certbot”, line 11, in
    load_entry_point(‘certbot==0.28.0’, ‘console_scripts’, ‘certbot’)()
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1340, in main
    return config.func(config, plugins)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 1101, in run
    _install_cert(config, le_client, domains, new_lineage)
    File “/usr/lib/python3/dist-packages/certbot/main.py”, line 735, in _install_cert
    path_provider.cert_path, path_provider.chain_path, path_provider.fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot/client.py”, line 498, in deploy_certificate
    fullchain_path=fullchain_path)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 334, in deploy_cert
    vhosts = self.choose_vhosts(domain)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 358, in choose_vhosts
    return [self.choose_vhost(domain, create_if_no_ssl)]
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 540, in choose_vhost
    vhost = self.make_vhost_ssl(vhost)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1115, in make_vhost_ssl
    self._copy_create_ssl_vhost_skeleton(nonssl_vhost, ssl_fp)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1259, in _copy_create_ssl_vhost_skeleton
    ssl_vh_contents, sift = self._sift_rewrite_rules(orig_contents)
    File “/usr/lib/python3/dist-packages/certbot_apache/configurator.py”, line 1331, in _sift_rewrite_rules
    line = next(contents)
    StopIteration
    2019-02-07 10:33:11,676:ERROR:certbot.log:An unexpected error occurred:

please help, lots of sites offline.


#2

Could you take a look at https://github.com/certbot/certbot/issues/5866 and https://github.com/certbot/certbot/issues/5866 to see if your Apache config resembles the issue described within those issues?

At least, judging by your Certbot’s stack trace, that would seem to be the root cause.

As far as getting Apache back online, does your config currently parse OK?

apachectl -t

#3

yeah, I found both of those. I’ve abandon the system anyway and moved the sites to a new host which I had already planned to do, just had to do it in a slightly bigger hurry.


closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.