Benjamin_Loison/certbot
1
0
Code Issues 5 Packages Projects Wiki

*Certbot doesn't know how to automatically configure the web server on this system.* #5

New Issue
Closed
opened 2024-11-15 13:17:10 +01:00 by Benjamin_Loison · 8 comments
Benjamin_Loison commented 2024-11-15 13:17:10 +01:00
Owner
Copy Link
sudo certbot
Output: 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.

with apache2 on Ubuntu 24.

```bash sudo certbot ``` <details> <summary>Output:</summary> ``` Saving debug log to /var/log/letsencrypt/letsencrypt.log Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate. ``` </details> with apache2 on Ubuntu 24.
Benjamin_Loison commented 2024-11-15 13:17:35 +01:00
Author
Owner
Copy Link
certbot
Output: 
The following error was encountered:
[Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock'
Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-_kx7_44e/log or re-run Certbot with -v for more details.
```bash certbot ``` <details> <summary>Output:</summary> ``` The following error was encountered: [Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock' Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-_kx7_44e/log or re-run Certbot with -v for more details. ``` </details>
Benjamin_Loison commented 2024-11-15 13:17:58 +01:00
Author
Owner
Copy Link
certbot --help
Output: 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. The most common SUBCOMMANDS and flags are:

obtain, install, and renew certificates:
    (default) run   Obtain & install a certificate in your current webserver
    certonly        Obtain or renew a certificate, but do not install it
    renew           Renew all previously obtained certificates that are near
expiry
    enhance         Add security enhancements to your existing configuration
   -d DOMAINS       Comma-separated list of domains to obtain a certificate for

  (the certbot apache plugin is not installed)
  --standalone      Run a standalone webserver for authentication
  (the certbot nginx plugin is not installed)
  --webroot         Place files in a server's webroot folder for authentication
  --manual          Obtain certificates interactively, or using shell script
hooks

   -n               Run non-interactively
  --test-cert       Obtain a test certificate from a staging server
  --dry-run         Test "renew" or "certonly" without saving any certificates
to disk

manage certificates:
    certificates    Display information about certificates you have from Certbot
    revoke          Revoke a certificate (supply --cert-name or --cert-path)
    delete          Delete a certificate (supply --cert-name)
    reconfigure     Update a certificate's configuration (supply --cert-name)

manage your account:
    register        Create an ACME account
    unregister      Deactivate an ACME account
    update_account  Update an ACME account
    show_account    Display account details
  --agree-tos       Agree to the ACME server's Subscriber Agreement
   -m EMAIL         Email address for important account notifications

More detailed help:

  -h, --help [TOPIC]    print this message, or detailed help on a topic;
                        the available TOPICS are:

   all, automation, commands, paths, security, testing, or any of the
   subcommands or plugins (certonly, renew, install, register, nginx,
   apache, standalone, webroot, etc.)
  -h all                print a detailed help page including all topics
  --version             print the version number
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
```bash certbot --help ``` <details> <summary>Output:</summary> ``` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. The most common SUBCOMMANDS and flags are: obtain, install, and renew certificates: (default) run Obtain & install a certificate in your current webserver certonly Obtain or renew a certificate, but do not install it renew Renew all previously obtained certificates that are near expiry enhance Add security enhancements to your existing configuration -d DOMAINS Comma-separated list of domains to obtain a certificate for (the certbot apache plugin is not installed) --standalone Run a standalone webserver for authentication (the certbot nginx plugin is not installed) --webroot Place files in a server's webroot folder for authentication --manual Obtain certificates interactively, or using shell script hooks -n Run non-interactively --test-cert Obtain a test certificate from a staging server --dry-run Test "renew" or "certonly" without saving any certificates to disk manage certificates: certificates Display information about certificates you have from Certbot revoke Revoke a certificate (supply --cert-name or --cert-path) delete Delete a certificate (supply --cert-name) reconfigure Update a certificate's configuration (supply --cert-name) manage your account: register Create an ACME account unregister Deactivate an ACME account update_account Update an ACME account show_account Display account details --agree-tos Agree to the ACME server's Subscriber Agreement -m EMAIL Email address for important account notifications More detailed help: -h, --help [TOPIC] print this message, or detailed help on a topic; the available TOPICS are: all, automation, commands, paths, security, testing, or any of the subcommands or plugins (certonly, renew, install, register, nginx, apache, standalone, webroot, etc.) -h all print a detailed help page including all topics --version print the version number - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ``` </details>
Benjamin_Loison commented 2024-11-15 13:18:51 +01:00
Author
Owner
Copy Link
ls -lh /etc/apache2/sites-enabled
Output: 
total 0
lrwxrwxrwx 1 root root 35 Oct 12 02:27 000-default.conf -> ../sites-available/000-default.conf
lrwxrwxrwx 1 root root 35 Oct 13 22:58 default-ssl.conf -> ../sites-available/default-ssl.conf
```bash ls -lh /etc/apache2/sites-enabled ``` <details> <summary>Output:</summary> ``` total 0 lrwxrwxrwx 1 root root 35 Oct 12 02:27 000-default.conf -> ../sites-available/000-default.conf lrwxrwxrwx 1 root root 35 Oct 13 22:58 default-ssl.conf -> ../sites-available/default-ssl.conf ``` </details>
Benjamin_Loison commented 2024-11-15 13:21:04 +01:00
Author
Owner
Copy Link

DuckDuckGo and Google search "the certbot apache plugin is not installed" and apt certbot apache.

DuckDuckGo and Google search `"the certbot apache plugin is not installed"` and *apt certbot apache*.
Benjamin_Loison commented 2024-11-15 13:23:34 +01:00
Author
Owner
Copy Link
sudo apt install -y python3-certbot-apache
Output: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  augeas-lenses libaugeas0 python3-augeas
Suggested packages:
  augeas-doc augeas-tools python-certbot-apache-doc
The following NEW packages will be installed:
  augeas-lenses libaugeas0 python3-augeas python3-certbot-apache
0 upgraded, 4 newly installed, 0 to remove and 16 not upgraded.
Need to get 624 kB of archives.
After this operation, 3288 kB of additional disk space will be used.
Get:1 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 augeas-lenses all 1.14.1-1build2 [323 kB]
Get:2 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 libaugeas0 arm64 1.14.1-1build2 [164 kB]
Get:3 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 python3-augeas all 0.5.0-1.1 [9124 B]
Get:4 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 python3-certbot-apache all 2.9.0-1 [128 kB]
Fetched 624 kB in 0s (2383 kB/s)                 
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package augeas-lenses.
(Reading database ... 97237 files and directories currently installed.)
Preparing to unpack .../augeas-lenses_1.14.1-1build2_all.deb ...
Unpacking augeas-lenses (1.14.1-1build2) ...
Selecting previously unselected package libaugeas0:arm64.
Preparing to unpack .../libaugeas0_1.14.1-1build2_arm64.deb ...
Unpacking libaugeas0:arm64 (1.14.1-1build2) ...
Selecting previously unselected package python3-augeas.
Preparing to unpack .../python3-augeas_0.5.0-1.1_all.deb ...
Unpacking python3-augeas (0.5.0-1.1) ...
Selecting previously unselected package python3-certbot-apache.
Preparing to unpack .../python3-certbot-apache_2.9.0-1_all.deb ...
Unpacking python3-certbot-apache (2.9.0-1) ...
Setting up augeas-lenses (1.14.1-1build2) ...
Setting up libaugeas0:arm64 (1.14.1-1build2) ...
Setting up python3-augeas (0.5.0-1.1) ...
Setting up python3-certbot-apache (2.9.0-1) ...
Processing triggers for libc-bin (2.39-0ubuntu8.3) ...

Source: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04

```bash sudo apt install -y python3-certbot-apache ``` <details> <summary>Output:</summary> ``` Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: augeas-lenses libaugeas0 python3-augeas Suggested packages: augeas-doc augeas-tools python-certbot-apache-doc The following NEW packages will be installed: augeas-lenses libaugeas0 python3-augeas python3-certbot-apache 0 upgraded, 4 newly installed, 0 to remove and 16 not upgraded. Need to get 624 kB of archives. After this operation, 3288 kB of additional disk space will be used. Get:1 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 augeas-lenses all 1.14.1-1build2 [323 kB] Get:2 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 libaugeas0 arm64 1.14.1-1build2 [164 kB] Get:3 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 python3-augeas all 0.5.0-1.1 [9124 B] Get:4 http://eu-marseille-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports noble/universe arm64 python3-certbot-apache all 2.9.0-1 [128 kB] Fetched 624 kB in 0s (2383 kB/s) debconf: delaying package configuration, since apt-utils is not installed Selecting previously unselected package augeas-lenses. (Reading database ... 97237 files and directories currently installed.) Preparing to unpack .../augeas-lenses_1.14.1-1build2_all.deb ... Unpacking augeas-lenses (1.14.1-1build2) ... Selecting previously unselected package libaugeas0:arm64. Preparing to unpack .../libaugeas0_1.14.1-1build2_arm64.deb ... Unpacking libaugeas0:arm64 (1.14.1-1build2) ... Selecting previously unselected package python3-augeas. Preparing to unpack .../python3-augeas_0.5.0-1.1_all.deb ... Unpacking python3-augeas (0.5.0-1.1) ... Selecting previously unselected package python3-certbot-apache. Preparing to unpack .../python3-certbot-apache_2.9.0-1_all.deb ... Unpacking python3-certbot-apache (2.9.0-1) ... Setting up augeas-lenses (1.14.1-1build2) ... Setting up libaugeas0:arm64 (1.14.1-1build2) ... Setting up python3-augeas (0.5.0-1.1) ... Setting up python3-certbot-apache (2.9.0-1) ... Processing triggers for libc-bin (2.39-0ubuntu8.3) ... ``` </details> Source: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04
Benjamin_Loison commented 2024-11-15 13:24:01 +01:00
Author
Owner
Copy Link
certbot --help
Output: 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate. The most common SUBCOMMANDS and flags are:

obtain, install, and renew certificates:
    (default) run   Obtain & install a certificate in your current webserver
    certonly        Obtain or renew a certificate, but do not install it
    renew           Renew all previously obtained certificates that are near
expiry
    enhance         Add security enhancements to your existing configuration
   -d DOMAINS       Comma-separated list of domains to obtain a certificate for

  --apache          Use the Apache plugin for authentication & installation
  --standalone      Run a standalone webserver for authentication
  (the certbot nginx plugin is not installed)
  --webroot         Place files in a server's webroot folder for authentication
  --manual          Obtain certificates interactively, or using shell script
hooks

   -n               Run non-interactively
  --test-cert       Obtain a test certificate from a staging server
  --dry-run         Test "renew" or "certonly" without saving any certificates
to disk

manage certificates:
    certificates    Display information about certificates you have from Certbot
    revoke          Revoke a certificate (supply --cert-name or --cert-path)
    delete          Delete a certificate (supply --cert-name)
    reconfigure     Update a certificate's configuration (supply --cert-name)

manage your account:
    register        Create an ACME account
    unregister      Deactivate an ACME account
    update_account  Update an ACME account
    show_account    Display account details
  --agree-tos       Agree to the ACME server's Subscriber Agreement
   -m EMAIL         Email address for important account notifications

More detailed help:

  -h, --help [TOPIC]    print this message, or detailed help on a topic;
                        the available TOPICS are:

   all, automation, commands, paths, security, testing, or any of the
   subcommands or plugins (certonly, renew, install, register, nginx,
   apache, standalone, webroot, etc.)
  -h all                print a detailed help page including all topics
  --version             print the version number
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
```bash certbot --help ``` <details> <summary>Output:</summary> ``` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. The most common SUBCOMMANDS and flags are: obtain, install, and renew certificates: (default) run Obtain & install a certificate in your current webserver certonly Obtain or renew a certificate, but do not install it renew Renew all previously obtained certificates that are near expiry enhance Add security enhancements to your existing configuration -d DOMAINS Comma-separated list of domains to obtain a certificate for --apache Use the Apache plugin for authentication & installation --standalone Run a standalone webserver for authentication (the certbot nginx plugin is not installed) --webroot Place files in a server's webroot folder for authentication --manual Obtain certificates interactively, or using shell script hooks -n Run non-interactively --test-cert Obtain a test certificate from a staging server --dry-run Test "renew" or "certonly" without saving any certificates to disk manage certificates: certificates Display information about certificates you have from Certbot revoke Revoke a certificate (supply --cert-name or --cert-path) delete Delete a certificate (supply --cert-name) reconfigure Update a certificate's configuration (supply --cert-name) manage your account: register Create an ACME account unregister Deactivate an ACME account update_account Update an ACME account show_account Display account details --agree-tos Agree to the ACME server's Subscriber Agreement -m EMAIL Email address for important account notifications More detailed help: -h, --help [TOPIC] print this message, or detailed help on a topic; the available TOPICS are: all, automation, commands, paths, security, testing, or any of the subcommands or plugins (certonly, renew, install, register, nginx, apache, standalone, webroot, etc.) -h all print a detailed help page including all topics --version print the version number - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ``` </details>
Benjamin_Loison commented 2024-11-15 13:24:59 +01:00
Author
Owner
Copy Link
diff: 
17c17
<   (the certbot apache plugin is not installed)
---
>   --apache          Use the Apache plugin for authentication & installation
<details> <summary><code>diff</code>:</summary> ```diff 17c17 < (the certbot apache plugin is not installed) --- > --apache Use the Apache plugin for authentication & installation ``` </details>
Benjamin_Loison commented 2024-11-15 13:25:27 +01:00
Author
Owner
Copy Link
sudo certbot
Output: 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel):
```bash sudo certbot ``` <details> <summary>Output:</summary> ``` Saving debug log to /var/log/letsencrypt/letsencrypt.log Please enter the domain name(s) you would like on your certificate (comma and/or space separated) (Enter 'c' to cancel): ``` </details>
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Benjamin_Loison/certbot#5
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?