Unable to find a virtual host listening on port 80


#22

Prepend and postpend your “difficult” sections with a single line containing three backticks.
Like:

```
text that garbles
```

#23

Is this now a triple definition?

Certbot requires one unique vHost with the name aholab.ehu.es


#24

Is certbot-auto running on the same system?
[this is very bizarre]


#25

I don’t think it’s tripled.
But it is definitely doubled now:

The use of _default_ is “replaced” with the main config “ServerName” setting.
Which is most likely that same name.


#26

How can I avoid it? I don’t see any place where I have assigned the domain name to the default entry… :confounded:


#27

grep -Eri 'servername|serveralias' /etc/apache2 | grep aholab.ehu.es


#28

Change the default server to another name, not used. Something like internal.yourdomainname.


#29

None at all? How odd.

Do you have this file? /etc/os-release
If so what are its contents?
If not, what does this command produce? python -c 'import platform; print platform.linux_distribution();'

I am wondering if Certbot is looking in the wrong place for your Apache configuration files.


#30

It is a Debian jessie, and your certificates have been working properly with our Apache server for 2 years. The output of os-release is:

```
PRETTY_NAME="Debian GNU/Linux 8 (jessie)"
NAME="Debian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=debian
HOME_URL="http://www.debian.org/"
SUPPORT_URL="http://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
```

#31

I did it, but no success:

The output of apachectl -t -S

VirtualHost configuration:
*:443                  aholab.ehu.es (/etc/apache2/sites-enabled/010-aholab-ssl.conf:4)
*:80                   is a NameVirtualHost
         default server internal.aholab.ehu.es (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost internal.aholab.ehu.es (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost aholab.ehu.es (/etc/apache2/sites-enabled/010-aholab.conf:2)
                 alias www.aholab.ehu.es
                 alias www.bips.bi.ehu.es
                 alias bips.bi.ehu.es
                 alias u002887.bi.ehu.es
         port 80 namevhost fundacion.sharerip.com (/etc/apache2/sites-enabled/fundacion.conf:3)
                 alias www.fundacion.sharerip.com
         port 80 namevhost jth2008.ehu.es (/etc/apache2/sites-enabled/jth2008.conf:3)
                 alias jth2008.ehu.es
         port 80 namevhost tool.jth2008.aholab.ehu.es (/etc/apache2/sites-enabled/jth2008.conftool.conf:3)
                 alias tool.jth2008.aholab.ehu.es
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex mpm-accept: using_defaults
Mutex fcgid-pipe: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex fcgid-proctbl: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: MODPERL2
Define: ENABLE_USR_LIB_CGI_BIN
User: name="www-data" id=33
Group: name="www-data" id=33

certbot-auto keeps on saying the same (although it updated to the newest version in the process):

Upgrading certbot-auto 0.30.0 to 0.30.1...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated)  (Enter 'c' to cancel): aholab.ehu.es
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for aholab.ehu.es
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

#32

The only file that looks like it might match is:
port 80 namevhost aholab.ehu.es (/etc/apache2/sites-enabled/010-aholab.conf:2)

Please show this file:
/etc/apache2/sites-enabled/010-aholab.conf


#33

010-aholab.conf

<VirtualHost *:80>
        ServerName aholab.ehu.es
        ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es u002887.bi.ehu.es
        DocumentRoot /var/www/

        Redirect permanent / https://aholab.ehu.es/

        ErrorLog /var/log/apache2/error.log
        CustomLog /var/log/apache2/access.log combined
</VirtualHost>

<Directory /var/www/phpmyadmin>
SSLRequireSSL
</Directory>

<Directory /var/www>
  AllowOverride All
</Directory>


<Directory /var/www/users/ddddd/webdav>
  Options Indexes MultiViews
  AllowOverride None
  Order allow,deny
  allow from all
</Directory>

Alias /ebaluazioa_2007 /var/www/users/ddddd
Redirect permanent /zure_tts http://aholab.ehu.es/zuretts

<Location /ddddd>
   DAV On
        Require user ddddd
   AuthType Basic
   AuthName "ddddd"
   AuthUserFile  /home/ddddd/.webdavpass
</Location>

#34

Since you may have made some changes, please show this output now:
grep -Eri 'servername|serveralias' /etc/apache2 | grep aholab.ehu.es


#35

/etc/apache2/old-sites/000-aholab.conf.orig:    ServerName aholab.ehu.es
/etc/apache2/old-sites/000-aholab.conf.orig:    ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es u002887.bi.ehu.es
/etc/apache2/old-sites/000-aholab.conf.orig:        ServerName aholab.ehu.es
/etc/apache2/old-sites/000-aholab.conf.orig:    ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es
/etc/apache2/old-sites/catalogo:        ServerName www.aholab.ehu.es/catalogo
/etc/apache2/old-sites/aholab:  ServerName aholab.ehu.es
/etc/apache2/old-sites/aholab:  ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es u002887.bi.ehu.es
/etc/apache2/old-sites/aholab:        ServerName aholab.ehu.es
/etc/apache2/old-sites/aholab:  ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es
/etc/apache2/sites-available/000-default.conf:    ServerName internal.aholab.ehu.es
/etc/apache2/sites-available/010-aholab-ssl.conf:        ServerName aholab.ehu.es
/etc/apache2/sites-available/010-aholab-ssl.conf:       ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es aholab.ehu.eus www.aholab.ehu.eus
/etc/apache2/sites-available/010-aholab.conf:   ServerName aholab.ehu.es
/etc/apache2/sites-available/010-aholab.conf:   ServerAlias www.aholab.ehu.es www.bips.bi.ehu.es bips.bi.ehu.es u002887.bi.ehu.es
/etc/apache2/sites-available/jth2008.conftool.conf:     ServerName tool.jth2008.aholab.ehu.es
/etc/apache2/sites-available/jth2008.conftool.conf:     ServerAlias tool.jth2008.aholab.ehu.es

The files in the old-sites directory are not enabled.
I wonder why certbot-auto is not able to find any domain name in the conf files.

Does this give you any hint about the problem?


#36

Certbot doesn’t understand your configuration.

Why are there so many numbers?

Why not simply aholab.ehu.es.conf as the file name?


#37

The numbers are there to ensure the files are loaded in a certain order, because the first one will be selected as the default server. Does certbot place naming restrictions on the conf files?


#38

I don’t know. But perhaps this is the problem, that Certbot scans the file names, not the complete content.

So rename one file so that there is an exact match ServerName + ‘.conf’ = FileName. Then test it.


#39

Solved!!

The problem was not in the definition of the virtual hosts, nor in the duplication of the domain name due to the default server. The problem was in the apache2.conf file: the include line for the vhosts at the very end of the file was:

Include /etc/apache2/sites-enabled/[^.#]*

I don’t know why it had such strange wildcards at the end, but when I changed it to

Include /etc/apache2/sites-enabled/*.conf

certbot-auto was able to show the list of enabled domains and the challenge finished correctly. I hope this info will be useful for other people.

Thank you for your help.
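
The glob-dialect mismatch behind the fix in #39, as an added example that is not part of the original thread and is not Certbot's code. Apache loaded the vhosts under `[^.#]*` (the `apachectl -t -S` output lists them), so it reads `[^...]` as a negated class, while Python's standard `fnmatch` treats a leading `^` as a literal character and spells negation `[!...]`. That the tool parsing the Include line follows the Python dialect is an assumption; the helper names and the two debris file names are constructed for illustration.

```python
import fnmatch

# File names as listed in the thread's `apachectl -t -S` output (sites-enabled).
ENABLED = [
    "000-default.conf",
    "010-aholab.conf",
    "010-aholab-ssl.conf",
    "fundacion.conf",
    "jth2008.conf",
    "jth2008.conftool.conf",
]
# Constructed extras: editor/backup debris that the old pattern was meant to skip.
DEBRIS = [".010-aholab.conf.swp", "#010-aholab.conf#"]


def python_glob(pattern, names):
    """Names selected when the pattern is read by Python's fnmatch dialect."""
    return [n for n in names if fnmatch.fnmatchcase(n, pattern)]


def negated_class_glob(pattern, names):
    """Same pattern read the way Apache loaded it: '[^...]' is a negated class.

    Python spells negation '[!...]', so rewrite the leading '^' before matching.
    """
    return python_glob(pattern.replace("[^", "[!"), names)


def audit_include(pattern, names):
    """Compare both readings and report files a Python-dialect tool would miss."""
    intended = negated_class_glob(pattern, names)
    seen = python_glob(pattern, names)
    return {
        "intended": intended,
        "seen": seen,
        "missed": [n for n in intended if n not in seen],
    }


if __name__ == "__main__":
    for pat in ("[^.#]*", "*.conf"):
        r = audit_include(pat, ENABLED + DEBRIS)
        print(pat, "->", len(r["seen"]), "seen,", len(r["missed"]), "missed")
```

Under the Python reading the old pattern selects only the dot- and hash-prefixed debris and none of the real vhost files, whereas `*.conf` selects the same six files under both readings.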

