We were unable to find a vhost with a ServerName or Address

https://crt.sh/?q=theceliacsite.com

My domain is: theceliacsite.com

I ran this command: certbot -d theceliacsite.com -d www.theceliacsite.com

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/theceliacsite.com-0002.conf)

What would you like to do?

1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
Keeping the existing certificate

We were unable to find a vhost with a ServerName or Address of theceliacsite.com.
Which virtual host would you like to choose?

And then I have a list of other hosts that are here, none of them is theceliacsite.com
…
Select the appropriate number [1-33] then [enter] (press ‘c’ to cancel): c
No vhost exists with servername or alias of theceliacsite.com. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
No vhost selected

IMPORTANT NOTES:

• Unable to install the certificate
• Congratulations! Your certificate and chain have been saved at:
  /etc/letsencrypt/live/theceliacsite.com-0002/fullchain.pem
  Your key file has been saved at:
  /etc/letsencrypt/live/theceliacsite.com-0002/privkey.pem
  Your cert will expire on 2020-06-28. To obtain a new or tweaked
  version of this certificate in the future, simply run certbot again
  with the “certonly” option. To non-interactively renew all of
  your certificates, run “certbot renew”

My web server is (include version):
Server version: Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version):
Linux 3.10.0-1062.18.1.el7.x86_64 #1 SMP Tue Mar 17 23:49:17 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

I can login to a root shell on my machine (yes or no, or I don’t know):

yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

certbot 1.3.0

my /etc/httpd/sites-available/theceliacsite.com.conf file looks like this:

<VirtualHost *:80>
ServerName www.theceliacsite.com
ServerAlias theceliacsite.com
DocumentRoot /var/www/theceliacsite.com/html
ErrorLog /var/www/theceliacsite.com/log/theceliacsite.com-error.log
CustomLog /var/www/theceliacsite.com/log/theceliacsite.com-access.log combined
RewriteEngine on
#RewriteCond %{SERVER_NAME} =theceliacsite.com [OR]
#RewriteCond %{SERVER_NAME} =www.theceliacsite.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

<VirtualHost *:443>
ServerName www.theceliacsite.com
ServerAlias theceliacsite.com
DocumentRoot /var/www/theceliacsite.com/html
ErrorLog /var/www/theceliacsite.com/log/theceliacsite.com-ssl-error.log
CustomLog /var/www/theceliacsite.com/log/theceliacsite.com-ssl-access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/theceliacsite.com-0002/cert1.pem
SSLCertificateKeyFile /etc/letsencrypt/live/theceliacsite.com-0002/privkey1.pem
SSLCertificateChainFile /etc/letsencrypt/live/theceliacsite.com-0002/chain1.pem

and have done a link in /etc/httpd/sites-enabled/theceliacsite.com -> /etc/httpd/sites-available/theceliacsite.com.conf

Have reloaded, restarted the httpd service many times and also tries to tweak the .conf file but no matter what I do I get that “unable to find a vhost” error even if I do find the generated .pem files. Even so, the website still doesn’t show up.

Please also note this is behind the cloudflare CDN proxy.

Hi @isab

what says

apachectl -S

Nothing at all, no output, no error at all and nothing shows while having an journalctl -f command open either.

CentOS:

Use

httpd -S

instead.

I have replaced the actial domain names with siteX. All other domains hosted here have the same configuration as this one and was able to successfully generate the ssl with letsencrypt as described in the initial post

httpd -S:

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server www.site1.com (/etc/httpd/sites-enabled/site1.com.conf:1)
         port 80 namevhost www.site1.com (/etc/httpd/sites-enabled/site1.com.conf:1)
                 alias site1.com
         port 80 namevhost www.site2.org (/etc/httpd/sites-enabled/site2.org.conf:1)
                 alias site2.org
         port 80 namevhost www.site3.com (/etc/httpd/sites-enabled/site3.com.conf:1)
                 alias site3.com
         port 80 namevhost www.site15.com (/etc/httpd/sites-enabled/site15.com.conf:1)
                 alias site15.com
         port 80 namevhost www.site3.com (/etc/httpd/sites-enabled/site16.xyz.conf:1)
                 alias site3.com
         port 80 namevhost www.site4.com (/etc/httpd/sites-enabled/site4.com.conf:1)
                 alias site4.com
         port 80 namevhost www.site5.com (/etc/httpd/sites-enabled/site5.com.conf:1)
                 alias site5.com
         port 80 namevhost www.site6.com (/etc/httpd/sites-enabled/site6.com.conf:1)
                 alias site6.com
         port 80 namevhost www.site7.com (/etc/httpd/sites-enabled/site7.com.conf:1)
                 alias site7.com
         port 80 namevhost www.site8.com (/etc/httpd/sites-enabled/site8.com.conf:1)
                 alias site8.com
         port 80 namevhost www.site9.net (/etc/httpd/sites-enabled/site9.net.conf:1)
                 alias site9.net
         port 80 namevhost www.site10.com (/etc/httpd/sites-enabled/site10.com.conf:1)
                 alias site10.com
         port 80 namevhost www.site11.com (/etc/httpd/sites-enabled/site11.com.conf:1)
                 alias site11.com
         port 80 namevhost www.site12.com (/etc/httpd/sites-enabled/site12.com.conf:1)
                 alias site12.com
         port 80 namevhost www.site13.com (/etc/httpd/sites-enabled/site13.com.conf:1)
                 alias site13.com
         port 80 namevhost www.site14.com (/etc/httpd/sites-enabled/site14.com.conf:1)
                 alias site14.com
*:443                  is a NameVirtualHost
         default server myhostname.example.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost myhostname.example.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost www.site1.com (/etc/httpd/sites-enabled/site1.com.conf:13)
                 alias site1.com
         port 443 namevhost www.site2.org (/etc/httpd/sites-enabled/site2.org.conf:13)
                 alias site2.org
         port 443 namevhost www.site3.com (/etc/httpd/sites-enabled/site3.com.conf:13)
                 alias site3.com
         port 443 namevhost www.site15.com (/etc/httpd/sites-enabled/site15.com.conf:13)
                 alias site15.com
         port 443 namevhost www.site3.com (/etc/httpd/sites-enabled/site16.xyz.conf:9)
                 alias site3.com
         port 443 namevhost www.site4.com (/etc/httpd/sites-enabled/site4.com.conf:13)
                 alias site4.com
         port 443 namevhost www.site5.com (/etc/httpd/sites-enabled/site5.com.conf:13)
                 alias site5.com
         port 443 namevhost www.site6.com (/etc/httpd/sites-enabled/site6.com.conf:13)
                 alias site6.com
         port 443 namevhost www.site7.com (/etc/httpd/sites-enabled/site7.com.conf:13)
                 alias site7.com
         port 443 namevhost www.site8.com (/etc/httpd/sites-enabled/site8.com.conf:13)
                 alias site8.com
         port 443 namevhost www.site9.net (/etc/httpd/sites-enabled/site9.net.conf:13)
                 alias site9.net
         port 443 namevhost www.site10.com (/etc/httpd/sites-enabled/site10.com.conf:13)
                 alias site10.com
         port 443 namevhost www.site11.com (/etc/httpd/sites-enabled/site11.com.conf:14)
                 alias site11.com
         port 443 namevhost www.site12.com (/etc/httpd/sites-enabled/site12.com.conf:9)
                 alias site12.com
         port 443 namevhost www.site13.com (/etc/httpd/sites-enabled/site13.com.conf:13)
                 alias site13.com
         port 443 namevhost www.site14.com (/etc/httpd/sites-enabled/site14.com.conf:13)
                 alias site14.com
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex fcgid-proctbl: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex fcgid-pipe: using_defaults
Mutex authdigest-opaque: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

Is there

www.theceliacsite.com

listed? If not, that file may be buggy or there is another problem, so that vHost doesn’t work.

@JuergenAuer Thank you for this simple approach, my /etc/httpd/sites-enabled/theceliacsite.com file didn’t have the .conf extension so it wasn’t properly listed as a domain by httpd. This is why when trying the certbot command I got those errors.

Now that I’ve corrected this issue I noticed that I cannot issue another cert because too many failed attempts (5 I guess) and after reading the letsencrypt docs I realized that I need to wait for another week to do that.

Problem solved, silly me.

No. 5 failed -> one hour, not one week.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.