New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fedora apachectl 2.4.39 no longer supports passing arguments to httpd #6940
Comments
Yes same problem. I tried replacing apachectl with a link to httpd but that did not work. Change was made with recent apache 2.4.39 update. Never knew the hassle updating certificates manually would be. I cannot renew the old certificate either as certbot does not ask me if I wanna spin up a temporary webserver when I want to renew, only when using certbot certonly. |
@joohoi looks like something's changed with Apache. |
Same problem here (Fedora 29 - Apache: httpd-2.4.39-2.fc29.x86_64):
Workaround:
|
I ran into the same issue in my environment and fixed it with the following hack steps while maintaining the current apache version: I then re-ran letsencrypt (aka certbot) and everything was successful! Hopefully this helps someone who understands all this code better than I do make a real fix, but at least there is a hack solution in the meantime, and this should continue to work for future versions of apache. |
How safe is it to upgrade to Fedora 30? Will this issue follow or is it fixed? I am on Fedora Server 29 now and ran into this issue too. Workaround from ROV28 worked for me #6940 (comment) |
It is solved (certbot-0.31.0-2.fc30.noarch.rpm). |
Sorry but I have the same package as you and it is not yet solved. I believe the fix is in the package python3-certbot-apache-0.31.0-2.fc30.noarch which is not yet pushed. |
Apologies, but this appears to still not be resolved. Fedora 30:
Package installed from the main DNF repository shipped with Fedora 30:
If python3-certbot-apache-0.31.0-2.fc30.noarch resolves the issue, I couldn't tell you, as it's not available to me. |
It doesn't at least on Fedora 29. It's all still busted |
Apologies for taking so long to get the update packaged for Fedora. It should be hitting the testing repos shortly. If you want to test and/or provide karma, that can be done on Bodhi: |
The update has been pushed to the Fedora testing repos. If you want to use it before it hits the Fedora stable repos and/or provide karma to hasten the promotion to stable, please click on the appropriate link below: |
Thanks! Just did an update and certbot was bumped up. Re-ran certbot and it works. Thanks for the effort here!
|
Thanks too. It's working like charm on Fedora-Server 29 now.
|
My operating system is (include version):
Fedora 29
I installed Certbot with (certbot-auto, OS package manager, pip, etc):
OS package manager
Additionally: httpd-2.4.39
I ran this command and it produced this output:
certbot renew --apache
apachectl: The "-v" option is not supported.
Certbot's behavior differed from what I expected because:
certbot gets invalid output from apachectl
Here is a Certbot log showing the issue (if available):
/usr/sbin/apachectl doesn't support -v, nor -t -D DUMP_RUN_CFG, DUMP_INCLUDES, DUMP_MODULES
Hacking apachectl (or a different one in the path) to specifically allow these options makes it work.
Running httpd -v or -t -D DUMP_RUN_CFG does work, apachectl doesn't.
Here is the relevant nginx server block or Apache virtualhost for the domain I am configuring:
not relevant, change to /usr/sbin/apachectl, probably in 2.4.39. httpd (and config) is fine, apachectl is not.
not sure if I should file a bug here, or with Fedora
Issue #5439 seems very similar, but appears to be for restart of apache only. This issue occurs before the certificate -- certbot is still verifying if apache is installed.
The text was updated successfully, but these errors were encountered: