Certbot: Certbot erhält keine Zertifikate unter Ubuntu 16.04
Hey, ich habe gerade meinen Server neu installiert und dabei von Ubuntu 14.04 auf 16.04 aktualisiert.
Unter Ubuntu 14.04 funktionierte alles einwandfrei.
Aber jetzt kann Certbot unter Ubuntu 16.04 meine Zertifikate nicht abrufen.
Hier sind zunächst die Protokolle, wenn ich sudo letsencrypt --apache --text -vvvvv nach der Installation von Apache2, PHP und Postgres und certbot über Repositorys ausführe.
user<strong i="10">@Server</strong>:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,402:DEBUG:letsencrypt.cli:Root logging level set at -20
2016-07-08 15:30:26,403:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Arguments: ['--apache', '--text', '-vvvvv']
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-07-08 15:30:26,405:DEBUG:letsencrypt.cli:Requested authenticator apache and installer apache
2016-07-08 15:30:26,861:DEBUG:letsencrypt.display.ops:Single candidate plugin: * apache
Description: Apache Web Server - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = letsencrypt_apache.configurator:ApacheConfigurator
Initialized: <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
Prep: True
2016-07-08 15:30:26,862:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110> and installer <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
2016-07-08 15:30:36,207:DEBUG:letsencrypt.cli:Picked account: <Account(5e1503fd131a8338a2d21866a6e202c6)>
2016-07-08 15:30:36,208:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-07-08 15:30:36,212:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:36,783:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 280
2016-07-08 15:30:36,786:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}. Content: '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,786:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}): '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,940:INFO:letsencrypt.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0011_key-letsencrypt.pem
2016-07-08 15:30:36,943:INFO:letsencrypt.crypto_util:Creating CSR: /etc/letsencrypt/csr/0011_csr-letsencrypt.pem
2016-07-08 15:30:36,944:DEBUG:letsencrypt.client:CSR: CSR(file='/etc/letsencrypt/csr/0011_csr-letsencrypt.pem', data='0\x82\x02\xa80\x82\x01\x90\x02\x01\x020!1\x1f0\x1d\x06\x03U\x04\x03\x0c\x16nextcloud.mattia98.org0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe6\xbe:9\xab\xceqz4\xcb\x02;W?\x1c\xf3\xc8\xe7G2,\xd3\xea\xea\xba7-|F#\xf9\xc8\x0c\x1bv]\xd0\xcc\xf1%\xcc\x8b{\x8e\x7fodX\xfd-\xf5i\xb6x\xdf\xab\xa7\xe8\x88/\x02\xd9\x0cu\x93\x8f\x1e\x87Ka"\xe7(\xe6\xb9\xff\t\x89;!\x1b\x04\xf9\xd4\xa0\xbc)\xd6\xad\xf4\xe5\xcfH\xfc\x9c\xe3k\x03\xdf\xeb\x9fP\xf6pN>wk\xdfX\x15\x1e(\xc1\xff\xf1Nn\xae\x7f\xf3^yZ\x9fx\xdbt\x01\xfa+\xdf\x1cm\xab(?&\x00]\xd8}\x98\x1c\xdf\x14\xd1\xf5\x92$\xab\x15\xb6\x83$p\xe4\xfe\xfeW\xff\x7f&\xb7\x87\x81I\xeb\xbcL\x96\x85iH\x02\x9a"\x06\xc8\xca\xa9g\xe8c\x9f\xf7\xe9}\\\x8bb\xdd\xfb\xf24\xedZ\x14\xc6}\x90\r\xadMZ\'x %\x84(&\x9d\xf0,H\x13\xae\x14\x89v\xf5Ua\x14\xdcv\x01W\xc5\xd8R=\x17\x97F\x16J\x05<bl\xfc\x0ccR\xd7\x97\xddSI\xc4\x0e\x028y\x02\x03\x01\x00\x01\xa0B0@\x06\t*\x86H\x86\xf7\r\x01\t\x0e13010/\x06\x03U\x1d\x11\x04(0&\x82\x16nextcloud.mattia98.org\x82\x0cmattia98.org0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00;\x1d\xca:\xbav\xad,\x93\x07\xb2S\x9f\xffVX$\x8d\xcb\xfd\xd9\xd8\xd7\xdfea\x10W\xb5\x81\xd8\x9e\x94S\xbe\x1aUG \xc9D\xcaF\x94V\x016\xf8\xc1I\xf6@b\x8d7\x91\x1c\xd6 \xe7\x19\xb8\x80Q\xa3a\xb3\xe0\x86\xb6\'\xf7\xce\x9cE\x86x\xae\xa1rG"\xc8\xbd\x12\x7f\xa3>\xeaN\xa8\xdb\xe89Wq6\xe8\xd0\xb2\x88j\xf4X\x1fFj-\x97\xf2\x1cnO\x8c5s\xc3\xa46P[\xf5\xd8\xed"\n\x18a\xfc\xf7"\x0f\x99\xe5\xee\xbe\x9auf\xf3\xcaE<6\x1e\xce\xf1\x99>\\\xe3\x0e\xb5\xf5O\t\xc8\x1f\xf69w\xfaG\xc6\x1f\xb7\x0cCDA\x8f\x0fX\x12l&\x9b\xcd\xc8j\xa4X\xdfn\xe9\xd2\x82\xa7\x05^ \x89\x98\x03\xe9\xb0\x06\xa2o\xfbp\x1a^]\x95a\x0bH\x1e\x84E\xa0:#\xa2\xddbi$\xa50T.\xf9\x1e\x92\t\x00\xdd\xd1yG\xdb\xde\xbb\xfb\x95\xf4\xc4\xc7\x10\xa1>\xed)\xa8\x8e\xed\xecgj\xab\x87V\xfeI', form='der'), domains: ['nextcloud.mattia98.org', 'mattia98.org']
2016-07-08 15:30:36,944:DEBUG:root:Requesting fresh nonce
2016-07-08 15:30:36,945:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-07-08 15:30:36,946:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,532:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-07-08 15:30:37,534:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'JHdVDYTxHAiS5zsJfg6F3qklf1fDauN0eYAERFl13U8', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '7AnRjCaga22PYrBWhPrtL_4u7klzRN_VWXkOgDLv1H8'}. Content: ''
2016-07-08 15:30:37,535:DEBUG:acme.client:Storing nonce: '\xec\t\xd1\x8c&\xa0km\x8fb\xb0V\x84\xfa\xed/\xfe.\xeeIsD\xdf\xd5Yy\x0e\x802\xef\xd4\x7f'
2016-07-08 15:30:37,535:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,535:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "nextcloud.mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,536:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,541:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,541:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICI3QW5SakNhZ2EyMlBZckJXaFBydExfNHU3a2x6Uk5fVldYa09nREx2MUg4In0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJuZXh0Y2xvdWQubWF0dGlhOTgub3JnIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "V8USFes73cZQte3Ew-ZIOwKhRgqyn0R-gDI5fhGeciyXIjqqlFBkAnc4qCh9asCRKyvci-4q1PI0cdscld4UCvkpYRPYiWzinDbHzFgl7DIXqsQXDI8NOzGUfN8HDd_rClK_iWZZTl5RdD2MWC5DjgGqEB1iqJu0QR_0jqsB1ROrdkGy3KDvhQYS0Lk4_dR55TojcCI6hIteWaLxPkAEcesZHU_oS0dxwW2GZ7FI4t6CAhW3UiO-O4LrxxYVFECID8dkvD1tNQvAUAYtNtLEsbLdGPUAQc41O6CVAUXMnF74cAgiUhfCosMQI6byGUBOqIL0Vv5pT8UkzeNMCxghSQ"}'}
2016-07-08 15:30:37,542:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,977:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1007
2016-07-08 15:30:37,979:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,980:DEBUG:acme.client:Storing nonce: '\x92\x16%$\xce\xce\xd5T[\x0f\xb1\xea\xc5\x87\xd5,cv\xcdVz\r\x17\xd9\x12Nr/:\xbe|a'
2016-07-08 15:30:37,980:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}): '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,981:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750'}
2016-07-08 15:30:37,982:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,982:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,983:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,987:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,987:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICJraFlsSk03TzFWUmJEN0hxeFlmVkxHTjJ6Vlo2RFJmWkVrNXlMenEtZkdFIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJtYXR0aWE5OC5vcmcifSwgInJlc291cmNlIjogIm5ldy1hdXRoeiJ9", "signature": "utNx6n8fsljg6Hi2xuqMcmVHYgFUm_m29_CcwLdtMstVy_YvJjFNsIPexyOTeEjl1KA5axh3Lz9gHZz-j_tRgNrWutUJBvKD4xRKwA1gs8qJFh6hiUUo5Uncir_n7J8f_ihnMqRTZGAXuDShRLM11mUMAD5Cjum8awRuR12O0wW9XCyK2L4ARPOJiLWuKCDrfzkKvNOP2GfWl4UPNj-HFQjpMlkVms9e0RYsXRvugoEUfTMRqosAt9JPS3n8SuIOLub04qhAfpgnBPZLgip2la69oi_m1DC3xbrOpkfyefl9GPZ1NznK6PCO4IeOTl24_65gxGtZRIlJXOjm2lo-BA"}'}
2016-07-08 15:30:37,988:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:38,474:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 997
2016-07-08 15:30:38,476:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,477:DEBUG:acme.client:Storing nonce: '\xb1\x80\xfc\xf1tHl\xa4f3\xa7:M\x1d\x912\xa1}\xb2dJ\xa5H\x1fE\x1e\xaf[\xdd\xf2\xbaA'
2016-07-08 15:30:38,477:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}): '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,478:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764'}
2016-07-08 15:30:38,478:INFO:letsencrypt.auth_handler:Performing the following challenges:
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for nextcloud.mattia98.org
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for mattia98.org
2016-07-08 15:30:39,129:DEBUG:letsencrypt_apache.tls_sni_01:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
2016-07-08 15:30:39,130:DEBUG:letsencrypt_apache.tls_sni_01:writing a config file with text:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ee4f8cf0d737d87fd1b172d09e932afa.6a81bd6a27ca58c1324a11a8f178f300.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.crt
SSLCertificateKeyFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
<VirtualHost *:443>
ServerName 288e75c418f3b55fa9ce4335bf672833.86b280ba5412aa994ce902544640544f.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.crt
SSLCertificateKeyFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
</IfModule>
2016-07-08 15:30:39,175:DEBUG:letsencrypt.reverter:Creating backup of /etc/apache2/apache2.conf
2016-07-08 15:30:39,429:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Calling registered functions
2016-07-08 15:30:39,431:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-07-08 15:30:39,653:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Encountered exception during recovery
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/error_handler.py", line 74, in call_registered
self.funcs[-1]()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 280, in _cleanup_challenges
self.dv_auth.cleanup(dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1575, in cleanup
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,655:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/letsencrypt", line 9, in <module>
load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 662, in run
lineage, action = _auth_from_domains(le_client, config, domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 474, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 225, in obtain_certificate_from_csr
authzr = self.auth_handler.get_authorizations(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 80, in get_authorizations
cont_resp, dv_resp = self._solve_challenges()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
duplicate
Mattia98
Alle 3 Kommentare
Dies sieht aus wie ein Duplikat von #1783, ich danke Ihnen jedoch, dass Sie ein vollständiges Protokoll des Problems bereitstellen. Ich habe dieses Problem dort erwähnt.
bmw
am 8. Juli 2016
Ich hatte das gleiche Problem (Aktion 'graceful' fehlgeschlagen, Warnung: Dokumentstamm existiert nicht). In meinem Fall schien der Grund die vorhandene Apache-SSL-Konfiguration zu sein. Ich hatte keine Zertifikate konfiguriert (ich dachte, Letsencrypt würde sich darum kümmern). Das Hinzufügen der folgenden Zeilen zu meiner Virtualhost-Konfiguration ließ den Fehler verschwinden:
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
bastian-bramblecloud
am 2. Sept. 2016
👍11
🎉5
Bestätigt auch mit meinen virtuellen Hosts. Durch Vorkonfigurieren von virtuellen SSL-Hosts mit dem Snakeoil-Zertifikat und -Schlüssel wird certbot -apache perfekt installiert. Dadurch wurden auch die anderen verschiedenen "Fehler" beseitigt, die gefunden werden können und ebenfalls diskutiert werden, wie zum Beispiel:
" urn:acme : error:malformed :: Die Anforderungsnachricht war fehlerhaft :: Server spricht nur HTTP, nicht TLS"
"tls-sni-01 Challenge: Server spricht nur http, nicht tls"
"Warnung: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] existiert nicht"
UWXAdmin
am 24. Juli 2017
War diese Seite hilfreich?
0 / 5 - 0 Bewertungen
Verwandte Themen
gcstang
·
3Kommentare
GEEK-WALKER
·
3Kommentare
KeiroD
·
4Kommentare
bmw
·
3Kommentare
realtebo
·
3Kommentare
Hilfreichster Kommentar
Ich hatte das gleiche Problem (Aktion 'graceful' fehlgeschlagen, Warnung: Dokumentstamm existiert nicht). In meinem Fall schien der Grund die vorhandene Apache-SSL-Konfiguration zu sein. Ich hatte keine Zertifikate konfiguriert (ich dachte, Letsencrypt würde sich darum kümmern). Das Hinzufügen der folgenden Zeilen zu meiner Virtualhost-Konfiguration ließ den Fehler verschwinden:
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pemSSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key