Certbot: Certbot ne parvient pas à obtenir des certificats sous Ubuntu 16.04
Hé, je viens de réinstaller mon serveur et de passer d'Ubuntu 14.04 à 16.04.
Tout fonctionnait bien sous Ubuntu 14.04.
Mais maintenant, sur Ubuntu 16.04, Certbot ne parvient pas à obtenir mes certificats.
Tout d'abord, voici les journaux lorsque j'exécute sudo letsencrypt --apache --text -vvvvv après avoir installé apache2, php, postgres et certbot via des référentiels.
user<strong i="10">@Server</strong>:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,402:DEBUG:letsencrypt.cli:Root logging level set at -20
2016-07-08 15:30:26,403:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Arguments: ['--apache', '--text', '-vvvvv']
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-07-08 15:30:26,405:DEBUG:letsencrypt.cli:Requested authenticator apache and installer apache
2016-07-08 15:30:26,861:DEBUG:letsencrypt.display.ops:Single candidate plugin: * apache
Description: Apache Web Server - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = letsencrypt_apache.configurator:ApacheConfigurator
Initialized: <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
Prep: True
2016-07-08 15:30:26,862:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110> and installer <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
2016-07-08 15:30:36,207:DEBUG:letsencrypt.cli:Picked account: <Account(5e1503fd131a8338a2d21866a6e202c6)>
2016-07-08 15:30:36,208:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-07-08 15:30:36,212:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:36,783:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 280
2016-07-08 15:30:36,786:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}. Content: '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,786:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}): '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,940:INFO:letsencrypt.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0011_key-letsencrypt.pem
2016-07-08 15:30:36,943:INFO:letsencrypt.crypto_util:Creating CSR: /etc/letsencrypt/csr/0011_csr-letsencrypt.pem
2016-07-08 15:30:36,944:DEBUG:letsencrypt.client:CSR: CSR(file='/etc/letsencrypt/csr/0011_csr-letsencrypt.pem', data='0\x82\x02\xa80\x82\x01\x90\x02\x01\x020!1\x1f0\x1d\x06\x03U\x04\x03\x0c\x16nextcloud.mattia98.org0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe6\xbe:9\xab\xceqz4\xcb\x02;W?\x1c\xf3\xc8\xe7G2,\xd3\xea\xea\xba7-|F#\xf9\xc8\x0c\x1bv]\xd0\xcc\xf1%\xcc\x8b{\x8e\x7fodX\xfd-\xf5i\xb6x\xdf\xab\xa7\xe8\x88/\x02\xd9\x0cu\x93\x8f\x1e\x87Ka"\xe7(\xe6\xb9\xff\t\x89;!\x1b\x04\xf9\xd4\xa0\xbc)\xd6\xad\xf4\xe5\xcfH\xfc\x9c\xe3k\x03\xdf\xeb\x9fP\xf6pN>wk\xdfX\x15\x1e(\xc1\xff\xf1Nn\xae\x7f\xf3^yZ\x9fx\xdbt\x01\xfa+\xdf\x1cm\xab(?&\x00]\xd8}\x98\x1c\xdf\x14\xd1\xf5\x92$\xab\x15\xb6\x83$p\xe4\xfe\xfeW\xff\x7f&\xb7\x87\x81I\xeb\xbcL\x96\x85iH\x02\x9a"\x06\xc8\xca\xa9g\xe8c\x9f\xf7\xe9}\\\x8bb\xdd\xfb\xf24\xedZ\x14\xc6}\x90\r\xadMZ\'x %\x84(&\x9d\xf0,H\x13\xae\x14\x89v\xf5Ua\x14\xdcv\x01W\xc5\xd8R=\x17\x97F\x16J\x05<bl\xfc\x0ccR\xd7\x97\xddSI\xc4\x0e\x028y\x02\x03\x01\x00\x01\xa0B0@\x06\t*\x86H\x86\xf7\r\x01\t\x0e13010/\x06\x03U\x1d\x11\x04(0&\x82\x16nextcloud.mattia98.org\x82\x0cmattia98.org0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00;\x1d\xca:\xbav\xad,\x93\x07\xb2S\x9f\xffVX$\x8d\xcb\xfd\xd9\xd8\xd7\xdfea\x10W\xb5\x81\xd8\x9e\x94S\xbe\x1aUG \xc9D\xcaF\x94V\x016\xf8\xc1I\xf6@b\x8d7\x91\x1c\xd6 \xe7\x19\xb8\x80Q\xa3a\xb3\xe0\x86\xb6\'\xf7\xce\x9cE\x86x\xae\xa1rG"\xc8\xbd\x12\x7f\xa3>\xeaN\xa8\xdb\xe89Wq6\xe8\xd0\xb2\x88j\xf4X\x1fFj-\x97\xf2\x1cnO\x8c5s\xc3\xa46P[\xf5\xd8\xed"\n\x18a\xfc\xf7"\x0f\x99\xe5\xee\xbe\x9auf\xf3\xcaE<6\x1e\xce\xf1\x99>\\\xe3\x0e\xb5\xf5O\t\xc8\x1f\xf69w\xfaG\xc6\x1f\xb7\x0cCDA\x8f\x0fX\x12l&\x9b\xcd\xc8j\xa4X\xdfn\xe9\xd2\x82\xa7\x05^ \x89\x98\x03\xe9\xb0\x06\xa2o\xfbp\x1a^]\x95a\x0bH\x1e\x84E\xa0:#\xa2\xddbi$\xa50T.\xf9\x1e\x92\t\x00\xdd\xd1yG\xdb\xde\xbb\xfb\x95\xf4\xc4\xc7\x10\xa1>\xed)\xa8\x8e\xed\xecgj\xab\x87V\xfeI', form='der'), domains: ['nextcloud.mattia98.org', 'mattia98.org']
2016-07-08 15:30:36,944:DEBUG:root:Requesting fresh nonce
2016-07-08 15:30:36,945:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-07-08 15:30:36,946:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,532:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-07-08 15:30:37,534:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'JHdVDYTxHAiS5zsJfg6F3qklf1fDauN0eYAERFl13U8', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '7AnRjCaga22PYrBWhPrtL_4u7klzRN_VWXkOgDLv1H8'}. Content: ''
2016-07-08 15:30:37,535:DEBUG:acme.client:Storing nonce: '\xec\t\xd1\x8c&\xa0km\x8fb\xb0V\x84\xfa\xed/\xfe.\xeeIsD\xdf\xd5Yy\x0e\x802\xef\xd4\x7f'
2016-07-08 15:30:37,535:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,535:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "nextcloud.mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,536:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,541:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,541:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICI3QW5SakNhZ2EyMlBZckJXaFBydExfNHU3a2x6Uk5fVldYa09nREx2MUg4In0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJuZXh0Y2xvdWQubWF0dGlhOTgub3JnIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "V8USFes73cZQte3Ew-ZIOwKhRgqyn0R-gDI5fhGeciyXIjqqlFBkAnc4qCh9asCRKyvci-4q1PI0cdscld4UCvkpYRPYiWzinDbHzFgl7DIXqsQXDI8NOzGUfN8HDd_rClK_iWZZTl5RdD2MWC5DjgGqEB1iqJu0QR_0jqsB1ROrdkGy3KDvhQYS0Lk4_dR55TojcCI6hIteWaLxPkAEcesZHU_oS0dxwW2GZ7FI4t6CAhW3UiO-O4LrxxYVFECID8dkvD1tNQvAUAYtNtLEsbLdGPUAQc41O6CVAUXMnF74cAgiUhfCosMQI6byGUBOqIL0Vv5pT8UkzeNMCxghSQ"}'}
2016-07-08 15:30:37,542:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,977:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1007
2016-07-08 15:30:37,979:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,980:DEBUG:acme.client:Storing nonce: '\x92\x16%$\xce\xce\xd5T[\x0f\xb1\xea\xc5\x87\xd5,cv\xcdVz\r\x17\xd9\x12Nr/:\xbe|a'
2016-07-08 15:30:37,980:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}): '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,981:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750'}
2016-07-08 15:30:37,982:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,982:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,983:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,987:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,987:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICJraFlsSk03TzFWUmJEN0hxeFlmVkxHTjJ6Vlo2RFJmWkVrNXlMenEtZkdFIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJtYXR0aWE5OC5vcmcifSwgInJlc291cmNlIjogIm5ldy1hdXRoeiJ9", "signature": "utNx6n8fsljg6Hi2xuqMcmVHYgFUm_m29_CcwLdtMstVy_YvJjFNsIPexyOTeEjl1KA5axh3Lz9gHZz-j_tRgNrWutUJBvKD4xRKwA1gs8qJFh6hiUUo5Uncir_n7J8f_ihnMqRTZGAXuDShRLM11mUMAD5Cjum8awRuR12O0wW9XCyK2L4ARPOJiLWuKCDrfzkKvNOP2GfWl4UPNj-HFQjpMlkVms9e0RYsXRvugoEUfTMRqosAt9JPS3n8SuIOLub04qhAfpgnBPZLgip2la69oi_m1DC3xbrOpkfyefl9GPZ1NznK6PCO4IeOTl24_65gxGtZRIlJXOjm2lo-BA"}'}
2016-07-08 15:30:37,988:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:38,474:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 997
2016-07-08 15:30:38,476:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,477:DEBUG:acme.client:Storing nonce: '\xb1\x80\xfc\xf1tHl\xa4f3\xa7:M\x1d\x912\xa1}\xb2dJ\xa5H\x1fE\x1e\xaf[\xdd\xf2\xbaA'
2016-07-08 15:30:38,477:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}): '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,478:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764'}
2016-07-08 15:30:38,478:INFO:letsencrypt.auth_handler:Performing the following challenges:
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for nextcloud.mattia98.org
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for mattia98.org
2016-07-08 15:30:39,129:DEBUG:letsencrypt_apache.tls_sni_01:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
2016-07-08 15:30:39,130:DEBUG:letsencrypt_apache.tls_sni_01:writing a config file with text:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ee4f8cf0d737d87fd1b172d09e932afa.6a81bd6a27ca58c1324a11a8f178f300.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.crt
SSLCertificateKeyFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
<VirtualHost *:443>
ServerName 288e75c418f3b55fa9ce4335bf672833.86b280ba5412aa994ce902544640544f.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.crt
SSLCertificateKeyFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
</IfModule>
2016-07-08 15:30:39,175:DEBUG:letsencrypt.reverter:Creating backup of /etc/apache2/apache2.conf
2016-07-08 15:30:39,429:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Calling registered functions
2016-07-08 15:30:39,431:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-07-08 15:30:39,653:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Encountered exception during recovery
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/error_handler.py", line 74, in call_registered
self.funcs[-1]()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 280, in _cleanup_challenges
self.dv_auth.cleanup(dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1575, in cleanup
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,655:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/letsencrypt", line 9, in <module>
load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 662, in run
lineage, action = _auth_from_domains(le_client, config, domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 474, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 225, in obtain_certificate_from_csr
authzr = self.auth_handler.get_authorizations(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 80, in get_authorizations
cont_resp, dv_resp = self._solve_challenges()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
duplicate
Mattia98
Tous les 3 commentaires
Cela ressemble à un doublon de # 1783, cependant, je vous remercie de fournir un journal complet du problème. J'ai mentionné ce problème là.
bmw
le 8 juil. 2016
J'ai eu le même problème (l'action 'graceful' a échoué, avertissement : la racine du document n'existe pas). Dans mon cas, la raison semblait être la configuration Apache SSL existante. Je n'avais pas de certificats configurés (pensant que Letsencrypt s'en occuperait). L'ajout des lignes suivantes à ma configuration Virtualhost a fait disparaître l'erreur :
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
bastian-bramblecloud
le 2 sept. 2016
👍11
🎉5
Confirmé avec mes hôtes virtuels également. En préconfigurant les hôtes virtuels SSL avec le certificat et la clé snakeoil, le certbot -apache s'installe parfaitement. Cela a également éliminé les autres "erreurs" diverses qui peuvent être trouvées et sont également discutées, telles que :
" urn:acme : error:malformed :: Le message de requête était mal formé :: Le serveur ne parle que HTTP, pas TLS"
"défi tls-sni-01 : le serveur ne parle que http, pas tls"
"Attention : DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] n'existe pas"
UWXAdmin
le 24 juil. 2017
Cette page vous a été utile?
0 / 5 - 0 notes
Questions connexes
realtebo
·
3Commentaires
NiklasMerz
·
3Commentaires
bmw
·
3Commentaires
pfigel
·
3Commentaires
redgluten
·
4Commentaires
Commentaire le plus utile
J'ai eu le même problème (l'action 'graceful' a échoué, avertissement : la racine du document n'existe pas). Dans mon cas, la raison semblait être la configuration Apache SSL existante. Je n'avais pas de certificats configurés (pensant que Letsencrypt s'en occuperait). L'ajout des lignes suivantes à ma configuration Virtualhost a fait disparaître l'erreur :
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pemSSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key