Apache2 completly messed up after running let's encrypt

jackalblood · May 18, 2017, 5:41pm

Hi there

I decided to setup let’s encrypt with the “box install letsencrypt” followed the prompts got the string however now it seems apache2 will not start I can’t find any information in the outputs or anything

I’d rather not start all over again with a clean box for what I’m sure is an easy fix

Can anyone give me any idea of where to start looking for the problem everything was fine until I tried this

I have done it before without issue but that time was using the wiki and not the built in command

liza · May 18, 2017, 6:03pm

If apache won’t start, it’ll often tell you why in systemctl status apache2 (e.g. bind error, config error, etc)

Otherwise you can run a config test explicitly with apachectl -t which will narrow down the specific line of which config is causing apache to not start.

jackalblood · May 18, 2017, 6:10pm

Ok that shed some light on things for me

AH00526: Syntax error on line 39 of /etc/apache2/sites-enabled/default-ssl.conf:
SSLCertificateFile: file ‘/etc/apache2/ssl/certs/hyperhardware.net-ssl.pem’ does not exist or is empty
Action ‘-t’ failed.
Can I remove all of the stuff that was changed by let’s encrypt back and start again?

liza · May 18, 2017, 6:21pm

Resetting the certificates to the QB defaults in /etc/apache2/sites-enabled/default-ssl.conf should get your apache started again:

        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

If you rerun the QB let’s encrypt installer, I would hazard a guess that the exact same outcome will happen again. If you are proficient at using letsencrypt from the CLI, as you suggested, I would recommend you just grab it using a method that is already familiar for you

jackalblood · May 18, 2017, 6:40pm

Sadly it gave me the same error about the files even tho I know they exist I guess I’m better off starting from scratch

RXWatcher · May 18, 2017, 7:40pm

Is this the domain? My guess is the lets encrypt process is failing…maybe a firewall or a proxy? LE needs to connect to your server to validate it.

Maybe your DNS is right.

jackalblood · May 18, 2017, 8:03pm

Running though the process on a clean install using the wiki and not the built in command successfully installed on that record first time so I’m just in the process of putting everything back