Webroot_map domains missing

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: srv-a-de.c-231.maxcluster.net

I ran this command: /usr/bin/certbot --no-self-upgrade --duplicate --non-interactive --agree-tos --register-unsafely-without-email certonly --webroot -w /var/www/share/srv-a-de.c-231.maxcluster.net/htdocs/ --cert-name srv-a-de.c-231.maxcluster.net -d srv-a-de.c-231.maxcluster.net -d letest.c-231.maxcluster.net -d letsencrypt.c-231.maxcluster.net -d srv-a-test.c-231.maxcluster.net -d srv-a.c-231.maxcluster.net -d test.c-231.maxcluster.net -d testing.c-231.maxcluster.net

It produced this output: it’s piped to dev null

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.33.1

Well now to my main issue…
We have an Interface which is able to edit the aliases of the domains, as you can see the command get’s those with -d but the problem is that the renewal conf is always showing our latest edit.

In this case it looks like this:

# renew_before_expiry = 30 days
version = 0.33.1
archive_dir = /etc/letsencrypt/archive/srv-a-de.c-231.maxcluster.net
cert = /etc/letsencrypt/live/srv-a-de.c-231.maxcluster.net/cert.pem
privkey = /etc/letsencrypt/live/srv-a-de.c-231.maxcluster.net/privkey.pem
chain = /etc/letsencrypt/live/srv-a-de.c-231.maxcluster.net/chain.pem
fullchain = /etc/letsencrypt/live/srv-a-de.c-231.maxcluster.net/fullchain.pem

# Options used in the renewal process
authenticator = webroot
account = b9ac4f09150fdf4a39682ea14f33e4c0
webroot_path = /var/www/share/srv-a-de.c-231.maxcluster.net/htdocs,
server = https://acme-v02.api.letsencrypt.org/directory

letsencrypt.c-231.maxcluster.net = /var/www/share/srv-a-de.c-231.maxcluster.net/htdocs

If it looks like this and i try to renew the certificate it fails and tells me it is missing something in the config files. I started to fill in all aliases in the webroot_map and renewed again. Which worked just fine.

Is that the only solution for this problem?

Hi @ronalton,

It appears you have a comma character at the end of webroot_path = /var/www/share/srv-a-de.c-231.maxcluster.net/htdocs,. Try removing that comma and let’s see what happens. I just want to work through the very obvious things first.

1 Like

Hi @Phil,

so i did that and it changed nothing apparently. Still having the same Problem that it has missing something in the config files.

Appreciate your help :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.