How to fix the certbot error "not listening on port 80" after an Apache update?

Posted on 2025-01-24 10:20:34

I have updated Apache from 2.4.6 to 2.4.5x quite recently.

Now certbot renew --dry-run tells me that Apache is not listening on port 80.

From /var/log/letsencrypt/letsencrypt.log:

PluginError: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

2022-04-27 13:00:18,010:ERROR:certbot._internal.renewal:All renewal attempts failed. The following certs could not be renewed:
2022-04-27 13:00:18,011:ERROR:certbot._internal.renewal:  /etc/letsencrypt/live/co2-avatar.com/fullchain.pem (failure)

But I have a <VirtualHost> in my Apache config, which contains all requested domains as ServerName/ServerAlias. I have double-checked with netstat that Apache is listening on port 80.

Here is the config file:

# redirect everything from http to https
<VirtualHost *:80>
    DocumentRoot "/var/www/html/"
    ServerName co2-avatar.com
    ServerAlias sustainable-data-platform.de
    ServerAlias co2-avatar.de
    ServerAlias co2-avatar.eu
    ServerAlias co2-avatar.org
    ServerAlias co2avatar.com
    ServerAlias co2avatar.de
    ServerAlias co2avatar.eu
    ServerAlias co2avatar.org
    ServerAlias git.sustainable-data-platform.org
    ServerAlias gitlab.sustainable-data-platform.org
    ServerAlias hp-cockpit.com
    ServerAlias hp-cockpit.de
    ServerAlias hp-cockpit.eu
    ServerAlias hp-cockpit.org
    ServerAlias hpcockpit.com
    ServerAlias hpcockpit.de
    ServerAlias hpcockpit.eu
    ServerAlias hpcockpit.org
    ServerAlias stop-fossil.de
    ServerAlias stop-fossil.org
    ServerAlias stopfossil.de
    ServerAlias stopfossil.org
    ServerAlias sustainable-building-platform.com
    ServerAlias sustainable-building-platform.de
    ServerAlias sustainable-building-platform.eu
    ServerAlias sustainable-building-platform.org
    ServerAlias sustainable-data-platform.com
    ServerAlias sustainable-data-platform.eu
    ServerAlias sustainable-data-platform.org
    ServerAlias sustainabledataplatform.com
    ServerAlias sustainabledataplatform.de
    ServerAlias sustainabledataplatform.eu
    ServerAlias sustainabledataplatform.org
    ServerAlias test.co2avatar.org
    ServerAlias test.hp-cockpit.org
    ServerAlias wp-cockpit.de
    ServerAlias wp-cockpit.eu
    ServerAlias wp-cockpit.org
    ServerAlias wpcockpit.eu
    ServerAlias wpcockpit.org

    <Directory "/var/www/html/">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog "/var/log/httpd/webServer-error_log"
    CustomLog "/var/log/httpd/webServer-access_log" combined
    RewriteEngine on
    RewriteCond %{HTTPS} off
    RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

There might be something wrong with RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge (which is from here), but how can I debug this? Are there more detailed log files from certbot or letsencrypt?

When I run the renew or when I want to add some domains to my certificate, I indeed do not see any access in my Apache logfiles. So I am not sure what I am doing wrong here and how to check what actually happens on their side (Simulating renewal of an existing certificate for sustainable-data-platform.org and 40 more domains). This is different when I run curl -v -X GET http://co2-avatar.com/.well-known/acme-challenge on my machine. I get at least a 301 for this and an entry in the Apache logfile on my server.

Is there any other hint for using certbot with Apache 4.2.53?
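A static check of the pasted vhost file, as an added example that is not part of the original post and is not Certbot's own logic: it lists certificate names that no port-80 `<VirtualHost>` declares and tests whether the `RewriteCond` keeps the ACME challenge path out of the HTTPS redirect. The function names are hypothetical, the sample config is constructed from the block above, and it assumes a single file with no `Include` directives or wildcard aliases, with Python's `re` standing in for Apache's PCRE.

```python
import re

# Constructed sample, shortened from the <VirtualHost *:80> block in the question.
SAMPLE_CONF = r'''
<VirtualHost *:80>
    ServerName co2-avatar.com
    ServerAlias co2-avatar.de sustainable-data-platform.org
    RewriteCond %{REQUEST_URI} !\.well-known/acme-challenge
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName hp-cockpit.org
</VirtualHost>
'''

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def parse_vhosts(conf):
    """Return one dict per <VirtualHost>: bound ports, declared names, REQUEST_URI conditions."""
    vhosts = []
    for addrs, body in VHOST_RE.findall(conf):
        # "*:80", "1.2.3.4:80", "[::1]:80" -> text after the last colon; bare addresses carry no port
        ports = {a.rsplit(":", 1)[1] for a in addrs.split() if ":" in a and not a.endswith("]")}
        names, conds = set(), []
        for line in body.splitlines():
            parts = line.split()
            key = parts[0].lower() if parts else ""
            if key in ("servername", "serveralias"):
                names.update(p.lower() for p in parts[1:])
            elif key == "rewritecond" and len(parts) > 2 and parts[1].upper() == "%{REQUEST_URI}":
                conds.append(parts[2])
        vhosts.append({"ports": ports, "names": names, "conds": conds})
    return vhosts

def uncovered_domains(conf, cert_domains, port="80"):
    """Certificate names that no vhost bound to `port` lists as ServerName/ServerAlias."""
    covered = {n for vh in parse_vhosts(conf) if {port, "*"} & vh["ports"] for n in vh["names"]}
    return sorted(d for d in cert_domains if d.lower() not in covered)

def exempts_challenge(vhost, uri="/.well-known/acme-challenge/TOKEN"):
    """True if some REQUEST_URI RewriteCond is false for the challenge URI, so the redirect is skipped."""
    for cond in vhost["conds"]:
        negated, pattern = cond.startswith("!"), cond.lstrip("!")
        if bool(re.search(pattern, uri)) == negated:  # condition evaluates to false
            return True
    return False
```

If this reports no missing names and the exemption holds, the file itself is consistent, and the next thing to compare is the configuration the running server actually loaded, which `apachectl -S` prints.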


Comments (1)

自演自醉 2025-01-31 10:20:34

Try enabling your site using the command below, then try reinstalling the cert:

sudo a2ensite [site conf name]
