I installed Goautodial where access via HTTPS was configured “out-of-the-box” with self-signed certificate. HTTP access was configured through like default website in Apache without using VirtualHost directive.
I tried to get a certificate from Letsencrypt and got the following error:
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
To overcome this obstacle run the Certbot by specifying your webroot path and don’t examine Apache configuration:
|
1 2 3 4 5 6 7 8 9 10 |
# certbot certonly -w /var/www/html -d domain.com --register-unsafely-without-email Saving debug log to /var/log/letsencrypt/letsencrypt.log How would you like to authenticate with the ACME CA? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: Apache Web Server plugin (apache) 2: Spin up a temporary webserver (standalone) 3: Place files in webroot directory (webroot) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 3 |
Now press “3” – Place files in webroot directory (webroot):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
Plugins selected: Authenticator webroot, Installer None Requesting a certificate for dial.braindottech.com Performing the following challenges: http-01 challenge for domain.com Using the webroot path /var/www/html for all unmatched domains. Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/domain.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/domain.com/privkey.pem Your certificate will expire on 2021-08-03. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le |
Congratulations! You have the certificate!
Now edit ssl.conf and point Apache to the new certificate.
Don’t forget to restart Apache!
Good luck!
