Hola, acabo de reinstalar mi servidor y actualicé de Ubuntu 14.04 a 16.04.
Todo funcionó bien en Ubuntu 14.04.
Pero ahora en Ubuntu 16.04, Certbot no puede obtener mis certificados.
Primero, aquí están los registros de cuando ejecuto sudo letsencrypt --apache --text -vvvvv
después de instalar apache2, php, postgres y certbot a través de repositorios.
user<strong i="10">@Server</strong>:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,402:DEBUG:letsencrypt.cli:Root logging level set at -20
2016-07-08 15:30:26,403:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Arguments: ['--apache', '--text', '-vvvvv']
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-07-08 15:30:26,405:DEBUG:letsencrypt.cli:Requested authenticator apache and installer apache
2016-07-08 15:30:26,861:DEBUG:letsencrypt.display.ops:Single candidate plugin: * apache
Description: Apache Web Server - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = letsencrypt_apache.configurator:ApacheConfigurator
Initialized: <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
Prep: True
2016-07-08 15:30:26,862:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110> and installer <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
2016-07-08 15:30:36,207:DEBUG:letsencrypt.cli:Picked account: <Account(5e1503fd131a8338a2d21866a6e202c6)>
2016-07-08 15:30:36,208:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-07-08 15:30:36,212:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:36,783:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 280
2016-07-08 15:30:36,786:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}. Content: '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,786:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}): '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,940:INFO:letsencrypt.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0011_key-letsencrypt.pem
2016-07-08 15:30:36,943:INFO:letsencrypt.crypto_util:Creating CSR: /etc/letsencrypt/csr/0011_csr-letsencrypt.pem
2016-07-08 15:30:36,944:DEBUG:letsencrypt.client:CSR: CSR(file='/etc/letsencrypt/csr/0011_csr-letsencrypt.pem', data='0\x82\x02\xa80\x82\x01\x90\x02\x01\x020!1\x1f0\x1d\x06\x03U\x04\x03\x0c\x16nextcloud.mattia98.org0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe6\xbe:9\xab\xceqz4\xcb\x02;W?\x1c\xf3\xc8\xe7G2,\xd3\xea\xea\xba7-|F#\xf9\xc8\x0c\x1bv]\xd0\xcc\xf1%\xcc\x8b{\x8e\x7fodX\xfd-\xf5i\xb6x\xdf\xab\xa7\xe8\x88/\x02\xd9\x0cu\x93\x8f\x1e\x87Ka"\xe7(\xe6\xb9\xff\t\x89;!\x1b\x04\xf9\xd4\xa0\xbc)\xd6\xad\xf4\xe5\xcfH\xfc\x9c\xe3k\x03\xdf\xeb\x9fP\xf6pN>wk\xdfX\x15\x1e(\xc1\xff\xf1Nn\xae\x7f\xf3^yZ\x9fx\xdbt\x01\xfa+\xdf\x1cm\xab(?&\x00]\xd8}\x98\x1c\xdf\x14\xd1\xf5\x92$\xab\x15\xb6\x83$p\xe4\xfe\xfeW\xff\x7f&\xb7\x87\x81I\xeb\xbcL\x96\x85iH\x02\x9a"\x06\xc8\xca\xa9g\xe8c\x9f\xf7\xe9}\\\x8bb\xdd\xfb\xf24\xedZ\x14\xc6}\x90\r\xadMZ\'x %\x84(&\x9d\xf0,H\x13\xae\x14\x89v\xf5Ua\x14\xdcv\x01W\xc5\xd8R=\x17\x97F\x16J\x05<bl\xfc\x0ccR\xd7\x97\xddSI\xc4\x0e\x028y\x02\x03\x01\x00\x01\xa0B0@\x06\t*\x86H\x86\xf7\r\x01\t\x0e13010/\x06\x03U\x1d\x11\x04(0&\x82\x16nextcloud.mattia98.org\x82\x0cmattia98.org0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00;\x1d\xca:\xbav\xad,\x93\x07\xb2S\x9f\xffVX$\x8d\xcb\xfd\xd9\xd8\xd7\xdfea\x10W\xb5\x81\xd8\x9e\x94S\xbe\x1aUG \xc9D\xcaF\x94V\x016\xf8\xc1I\xf6@b\x8d7\x91\x1c\xd6 \xe7\x19\xb8\x80Q\xa3a\xb3\xe0\x86\xb6\'\xf7\xce\x9cE\x86x\xae\xa1rG"\xc8\xbd\x12\x7f\xa3>\xeaN\xa8\xdb\xe89Wq6\xe8\xd0\xb2\x88j\xf4X\x1fFj-\x97\xf2\x1cnO\x8c5s\xc3\xa46P[\xf5\xd8\xed"\n\x18a\xfc\xf7"\x0f\x99\xe5\xee\xbe\x9auf\xf3\xcaE<6\x1e\xce\xf1\x99>\\\xe3\x0e\xb5\xf5O\t\xc8\x1f\xf69w\xfaG\xc6\x1f\xb7\x0cCDA\x8f\x0fX\x12l&\x9b\xcd\xc8j\xa4X\xdfn\xe9\xd2\x82\xa7\x05^ \x89\x98\x03\xe9\xb0\x06\xa2o\xfbp\x1a^]\x95a\x0bH\x1e\x84E\xa0:#\xa2\xddbi$\xa50T.\xf9\x1e\x92\t\x00\xdd\xd1yG\xdb\xde\xbb\xfb\x95\xf4\xc4\xc7\x10\xa1>\xed)\xa8\x8e\xed\xecgj\xab\x87V\xfeI', form='der'), domains: ['nextcloud.mattia98.org', 'mattia98.org']
2016-07-08 15:30:36,944:DEBUG:root:Requesting fresh nonce
2016-07-08 15:30:36,945:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-07-08 15:30:36,946:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,532:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-07-08 15:30:37,534:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'JHdVDYTxHAiS5zsJfg6F3qklf1fDauN0eYAERFl13U8', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '7AnRjCaga22PYrBWhPrtL_4u7klzRN_VWXkOgDLv1H8'}. Content: ''
2016-07-08 15:30:37,535:DEBUG:acme.client:Storing nonce: '\xec\t\xd1\x8c&\xa0km\x8fb\xb0V\x84\xfa\xed/\xfe.\xeeIsD\xdf\xd5Yy\x0e\x802\xef\xd4\x7f'
2016-07-08 15:30:37,535:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,535:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "nextcloud.mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,536:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,541:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,541:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICI3QW5SakNhZ2EyMlBZckJXaFBydExfNHU3a2x6Uk5fVldYa09nREx2MUg4In0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJuZXh0Y2xvdWQubWF0dGlhOTgub3JnIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "V8USFes73cZQte3Ew-ZIOwKhRgqyn0R-gDI5fhGeciyXIjqqlFBkAnc4qCh9asCRKyvci-4q1PI0cdscld4UCvkpYRPYiWzinDbHzFgl7DIXqsQXDI8NOzGUfN8HDd_rClK_iWZZTl5RdD2MWC5DjgGqEB1iqJu0QR_0jqsB1ROrdkGy3KDvhQYS0Lk4_dR55TojcCI6hIteWaLxPkAEcesZHU_oS0dxwW2GZ7FI4t6CAhW3UiO-O4LrxxYVFECID8dkvD1tNQvAUAYtNtLEsbLdGPUAQc41O6CVAUXMnF74cAgiUhfCosMQI6byGUBOqIL0Vv5pT8UkzeNMCxghSQ"}'}
2016-07-08 15:30:37,542:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,977:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1007
2016-07-08 15:30:37,979:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,980:DEBUG:acme.client:Storing nonce: '\x92\x16%$\xce\xce\xd5T[\x0f\xb1\xea\xc5\x87\xd5,cv\xcdVz\r\x17\xd9\x12Nr/:\xbe|a'
2016-07-08 15:30:37,980:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}): '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,981:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750'}
2016-07-08 15:30:37,982:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,982:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,983:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,987:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,987:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICJraFlsSk03TzFWUmJEN0hxeFlmVkxHTjJ6Vlo2RFJmWkVrNXlMenEtZkdFIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJtYXR0aWE5OC5vcmcifSwgInJlc291cmNlIjogIm5ldy1hdXRoeiJ9", "signature": "utNx6n8fsljg6Hi2xuqMcmVHYgFUm_m29_CcwLdtMstVy_YvJjFNsIPexyOTeEjl1KA5axh3Lz9gHZz-j_tRgNrWutUJBvKD4xRKwA1gs8qJFh6hiUUo5Uncir_n7J8f_ihnMqRTZGAXuDShRLM11mUMAD5Cjum8awRuR12O0wW9XCyK2L4ARPOJiLWuKCDrfzkKvNOP2GfWl4UPNj-HFQjpMlkVms9e0RYsXRvugoEUfTMRqosAt9JPS3n8SuIOLub04qhAfpgnBPZLgip2la69oi_m1DC3xbrOpkfyefl9GPZ1NznK6PCO4IeOTl24_65gxGtZRIlJXOjm2lo-BA"}'}
2016-07-08 15:30:37,988:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:38,474:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 997
2016-07-08 15:30:38,476:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,477:DEBUG:acme.client:Storing nonce: '\xb1\x80\xfc\xf1tHl\xa4f3\xa7:M\x1d\x912\xa1}\xb2dJ\xa5H\x1fE\x1e\xaf[\xdd\xf2\xbaA'
2016-07-08 15:30:38,477:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}): '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,478:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764'}
2016-07-08 15:30:38,478:INFO:letsencrypt.auth_handler:Performing the following challenges:
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for nextcloud.mattia98.org
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for mattia98.org
2016-07-08 15:30:39,129:DEBUG:letsencrypt_apache.tls_sni_01:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
2016-07-08 15:30:39,130:DEBUG:letsencrypt_apache.tls_sni_01:writing a config file with text:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ee4f8cf0d737d87fd1b172d09e932afa.6a81bd6a27ca58c1324a11a8f178f300.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.crt
SSLCertificateKeyFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
<VirtualHost *:443>
ServerName 288e75c418f3b55fa9ce4335bf672833.86b280ba5412aa994ce902544640544f.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.crt
SSLCertificateKeyFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
</IfModule>
2016-07-08 15:30:39,175:DEBUG:letsencrypt.reverter:Creating backup of /etc/apache2/apache2.conf
2016-07-08 15:30:39,429:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Calling registered functions
2016-07-08 15:30:39,431:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-07-08 15:30:39,653:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Encountered exception during recovery
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/error_handler.py", line 74, in call_registered
self.funcs[-1]()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 280, in _cleanup_challenges
self.dv_auth.cleanup(dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1575, in cleanup
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,655:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/letsencrypt", line 9, in <module>
load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 662, in run
lineage, action = _auth_from_domains(le_client, config, domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 474, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 225, in obtain_certificate_from_csr
authzr = self.auth_handler.get_authorizations(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 80, in get_authorizations
cont_resp, dv_resp = self._solve_challenges()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
Esto parece un duplicado de #1783, sin embargo, le agradezco que proporcione un registro completo del problema. He mencionado este problema allí.
Tuve el mismo problema (la acción 'elegante' falló, Advertencia: la raíz del documento no existe). En mi caso, la razón parecía ser la configuración Apache SSL existente. No tenía certificados configurados (pensando que Letsencrypt se encargaría de eso). Agregar las siguientes líneas a mi configuración de Virtualhost hizo que el error desapareciera:
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
Confirmado con mis anfitriones virtuales también. Configurando previamente los hosts virtuales SSL con el certificado y la clave de Snakeoil, el certbot -Apache se instala perfectamente. Esto también eliminó los otros "errores" que se pueden encontrar y que también se analizan, como:
" urn:acme : error:malformed :: El mensaje de solicitud estaba mal formado :: El servidor solo habla HTTP, no TLS"
"desafío tls-sni-01: el servidor solo habla http, no tls"
"Advertencia: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] no existe"
Comentario más útil
Tuve el mismo problema (la acción 'elegante' falló, Advertencia: la raíz del documento no existe). En mi caso, la razón parecía ser la configuración Apache SSL existente. No tenía certificados configurados (pensando que Letsencrypt se encargaría de eso). Agregar las siguientes líneas a mi configuración de Virtualhost hizo que el error desapareciera:
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key