certbot renew was telling me I had no vhosts listening on port 80. turns out it can no longer read files in subdirectories under /etc/apache2/sites-enabled/. I had to symlink each individual file. pisser.

the actual error message:

Attempting to renew cert (unternet.net) from /etc/letsencrypt/renewal/unternet.net.conf produced an unexpected error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/unternet.net/fullchain.pem (failure)

how do you go about debugging something like that? you look at the logfile, /var/log/letsencrypt/letsencrypt.log, and find the name of the Python script that caused the error. then you view and/or edit the script. I added a logging message that showed me which vhosts were being looked at, and saw that it wasn't even seeing my config files.

Back to blog or home page

last updated 2019-05-10 14:55:01. served from tektonic.jcomeau.com