如何在 CentOS 9 上使用 Let's Encrypt 保护 Apache?
我无法找到为在 Centos 9 和 Apache 服务器(版本:2.4.51)上运行的 Droplet 配置 SSL 证书的方法。
我尝试遵循 本教程,但我搜索过的所有包管理器(yum、snap 和 dnf)都没有所需的 python3-certbot-apache 包,也没有任何 python*-certbot-apache 包(当然, turorial 适用于 Centos 8,但我找不到任何有关保护 centos 9 的参考资料)。只有 snap 有 certbot 软件包,但这不足以帮助我至少获得 SSL 证书。
任何形式的帮助将不胜感激。
噢,以防万一这可能为聪明人提供有价值的信息,以下是我尝试运行时收到的错误日志,例如,sudo certbot --apache:
2022-04-01 15:54:42,360:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97 2022-04-01 15:54:42,830:DEBUG:certbot._internal.main:certbot version: 1.25.0 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1888/bin/certbot 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal'] 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2022-04-01 15:54:42,846:DEBUG:certbot._internal.log:Root logging level set at 30 2022-04-01 15:54:42,847:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache 2022-04-01 15:54:42,943:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.51 2022-04-01 15:54:42,986:WARNING:certbot_apache._internal.apache_util:Error in checking parameter list: 2022-04-01 15:54:42,986:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#apache: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. Traceback (most recent call last): File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare self._initialized.prepare() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 368, in prepare self.parser = self.get_parser() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 79, in get_parser return CentOSParser( File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 164, in __init__ super().__init__(*args, **kwargs) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 79, in __init__ self.update_runtime_variables() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 169, in update_runtime_variables super().update_runtime_variables() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 299, in update_runtime_variables self.update_defines() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 305, in update_defines self.variables = apache_util.parse_defines(self.configurator.options.ctl) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 153, in parse_defines matches = parse_from_subprocess(define_cmd, r"Define: ([^ \n]*)") File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 208, in parse_from_subprocess stdout = _get_runtime_cfg(command) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 241, in _get_runtime_cfg raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. 2022-04-01 15:54:42,988:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache Description: Apache Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT Initialized: Prep: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. 2022-04-01 15:54:42,989:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None
I am failing to find a way to configure an SSL certificate for my droplet running on Centos 9 and an Apache server (version: 2.4.51).
I tried to follow this tutorial but all the package managers I have searched (yum, snap & dnf) do not have the required python3-certbot-apache package nor any python*-certbot-apache package (Ofcourse, the turorial was meant for Centos 8 but I can’t find any reference to securing centos 9). Only snap has the certbot package but that’s not enough to help me at least just obtain an SSL certificate.
Any form of help will be greatly appreciated.
Oooh, just incase this might have valueable information for the bright minds, here are the error logs I get if I try to run, for example, sudo certbot --apache:
2022-04-01 15:54:42,360:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97 2022-04-01 15:54:42,830:DEBUG:certbot._internal.main:certbot version: 1.25.0 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1888/bin/certbot 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal'] 2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2022-04-01 15:54:42,846:DEBUG:certbot._internal.log:Root logging level set at 30 2022-04-01 15:54:42,847:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache 2022-04-01 15:54:42,943:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.51 2022-04-01 15:54:42,986:WARNING:certbot_apache._internal.apache_util:Error in checking parameter list: 2022-04-01 15:54:42,986:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#apache: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. Traceback (most recent call last): File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare self._initialized.prepare() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 368, in prepare self.parser = self.get_parser() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 79, in get_parser return CentOSParser( File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 164, in __init__ super().__init__(*args, **kwargs) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 79, in __init__ self.update_runtime_variables() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 169, in update_runtime_variables super().update_runtime_variables() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 299, in update_runtime_variables self.update_defines() File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 305, in update_defines self.variables = apache_util.parse_defines(self.configurator.options.ctl) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 153, in parse_defines matches = parse_from_subprocess(define_cmd, r"Define: ([^ \n]*)") File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 208, in parse_from_subprocess stdout = _get_runtime_cfg(command) File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 241, in _get_runtime_cfg raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. 2022-04-01 15:54:42,988:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache Description: Apache Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT Initialized: Prep: Apache is unable to check whether or not the module is loaded because Apache is misconfigured. 2022-04-01 15:54:42,989:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
以防万一有人遇到同样的问题,在我发帖时,Centos 9 上不支持 certbot,因此没有解决我面临的问题。就我而言,我有幸使用不同的 centos 版本,所以我就是这么做的。
Just incase someone faces the same issue, at the time I posted there was no support for certbot on Centos 9 hence there was no solution to the problem I was facing. In my case I had the luxury of using a different centos version and so that's what I did.
您可以从EPEL存储库中获得CERTBOT,但是CentoS9的Apache的Apachectl并不是Certbot所期望的。您必须评论一个例外,如
htttps ://github.com/certbot/certbot/certbot/certbot/certbot/8945#issuecomment/8945#issuecomment/8945#issuecomment- 1185054399
不幸的是,Epel上的Certbot并未为此进行修补,在每次Certbot升级后,您都必须这样做。它在Mine Centos 9主机中的几个主持人都可以正常工作。
You can yse Certbot from EPEL repository, but apachectl from Apache on CentOS9 doesn't to, what Certbot is expecting. You have to comment out one exception, as described in
https://github.com/certbot/certbot/issues/8945#issuecomment-1185054399
Unfortunately, Certbot on EPEL is not patched for that and You'll have to do it after every Certbot upgrade. It works fine on several of mine CentOS 9 hosts.