Not finding vhosts on A{mazon,rch}Linux #4905
Labels
Milestone
Comments
|
This should be fixed in #4104 as the issue seems to be in make_vhost_ssl |
|
I believe another instance of this problem can be found in https://community.letsencrypt.org/t/archlinux-how-to-configur-lets-encrypt/39258/32. At the very least, #4104 seems to fix the issue. |
bmw
changed the title
bmw
pushed a commit
that referenced
this issue
Sep 25, 2017
…on Debian / Ubuntu (#4104) This changes the apache plugin behaviour to only parse enabled configuration files and respecting the --apache-vhost-root CLI parameter for new SSL vhost creation. If --apache-vhost-root isn't defined, or doesn't exist, the SSL vhost will be created to originating non-SSL vhost directory. This PR also implements actual check for vhost enabled state, and makes sure parser.parse_file() does not discard changes in Augeas DOM, by doing an autosave. Also handles enabling the new SSL vhost, if it's on a path that's not parsed by Apache. Fixes: #1328 Fixes: #3545 Fixes: #3791 Fixes: #4523 Fixes: #4837 Fixes: #4905 * First changes * Handle rest of the errors * Test fixes * Final fixes * Make parse_files accessible and fix linter problems * Activate vhost at later time * Cleanup * Add a new test case, and fix old * Enable site later in deploy_cert * Make apache-conf-test default dummy configuration enabled * Remove is_sites_available as obsolete * Cleanup * Brought back conditional vhost_path parsing * Parenthesis * Fix merge leftovers * Fix to work with the recent changes to new file creation * Added fix and tests for non-symlink vhost in sites-enabled * Made vhostroot parameter for ApacheParser optional, and removed extra_path * Respect vhost-root, and add Include statements to root configuration if needed * Fixed site enabling order to prevent apache restart error while enabling mod_ssl * Don't exclude Ubuntu / Debian vhost-root cli argument * Changed the SSL vhost directory selection priority * Requested fixes for paths and vhost discovery * Make sure the Augeas DOM is written to disk before loading new files * Actual checking for if the file is parsed within existing Apache configuration * Fix the order of dummy SSL directives addition and enabling modules * Restructured site_enabled checks * Enabling vhost correctly for non-debian systems
sydneyli
pushed a commit
that referenced
this issue
Jun 15, 2018
…on Debian / Ubuntu (#4104) This changes the apache plugin behaviour to only parse enabled configuration files and respecting the --apache-vhost-root CLI parameter for new SSL vhost creation. If --apache-vhost-root isn't defined, or doesn't exist, the SSL vhost will be created to originating non-SSL vhost directory. This PR also implements actual check for vhost enabled state, and makes sure parser.parse_file() does not discard changes in Augeas DOM, by doing an autosave. Also handles enabling the new SSL vhost, if it's on a path that's not parsed by Apache. Fixes: #1328 Fixes: #3545 Fixes: #3791 Fixes: #4523 Fixes: #4837 Fixes: #4905 * First changes * Handle rest of the errors * Test fixes * Final fixes * Make parse_files accessible and fix linter problems * Activate vhost at later time * Cleanup * Add a new test case, and fix old * Enable site later in deploy_cert * Make apache-conf-test default dummy configuration enabled * Remove is_sites_available as obsolete * Cleanup * Brought back conditional vhost_path parsing * Parenthesis * Fix merge leftovers * Fix to work with the recent changes to new file creation * Added fix and tests for non-symlink vhost in sites-enabled * Made vhostroot parameter for ApacheParser optional, and removed extra_path * Respect vhost-root, and add Include statements to root configuration if needed * Fixed site enabling order to prevent apache restart error while enabling mod_ssl * Don't exclude Ubuntu / Debian vhost-root cli argument * Changed the SSL vhost directory selection priority * Requested fixes for paths and vhost discovery * Make sure the Augeas DOM is written to disk before loading new files * Actual checking for if the file is parsed within existing Apache configuration * Fix the order of dummy SSL directives addition and enabling modules * Restructured site_enabled checks * Enabling vhost correctly for non-debian systems
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My operating system is (include version):
Amazon Linux 2017.03
I installed Certbot with (certbot-auto, OS package manager, pip, etc):
certbot-auto
I ran this command and it produced this output:
Certbot's behavior differed from what I expected because:
Certbot should be able to find the vhost.
This issue was created in response to https://community.letsencrypt.org/t/rate-limited-after-trying-multiple-solutions-to-could-not-reverse-map-the-https-virtualhost-to-the-original-issue/37252. Adding
--apache-vhost-rootcauses the "Could not reverse map..." error message to go away and be replaced by:I played with this myself for a bit in Docker using http24 installed in the default paths and even with
--apache-vhost-root, we're not finding the vhost. The return value fromcertbot_apache.configurator.get_virtual_hosts()is an empty list.@joohoi, since Amazon Linux is Red Hat based, this might be a good test to see how better support for non-Debian systems is coming in Apache.
The text was updated successfully, but these errors were encountered: