Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: tracker.linkpc.net
I ran this command: sudo certbot renew --dry-run
It produced this output: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/tracker.linkpc.net.conf
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for tracker.linkpc.net
Cleaning up challenges
Attempting to renew cert (tracker.linkpc.net) from /etc/letsencrypt/renewal/tracker.linkpc.net.conf produced an unexpected error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/tracker.linkpc.net/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/tracker.linkpc.net/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)
My web server is (include version): Apache/2.4.18 (Ubuntu)
The operating system my web server runs on is (include version): ubuntu 16.04
My hosting provider, if applicable, is: redirect from dns servers at dnsexit.com
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot - 0.28.0
I have ports open for both 80 and 443, I thought it may have been because on port 80 I just has a redirect up to https: but having put the original Apache2/Ubuntu index.html back it is not that.
I Apache I have also restricted access to just /var/www/ I was just prompted to try seeing an email on other posts and now wonder what I have done wroing.
I have tried stopping programs like fail2ban on theprts etc all with seemingly no effect.
The original set up would have been a proxy redirect from localhost:8082 and in
ServerName tracker.linkpc.net
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ProxyPass /api/socket ws://localhost:8082/api/socket
ProxyPassReverse /api/socket ws://localhost:8082/api/socket
ProxyPass / http://localhost:8082/
ProxyPassReverse / http://localhost:8082/
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
And then run the certbot from yourselves to change as required.
Thanks
Adrian