ねえ、私はちょうど私のサーバーを再インストールし、それによってUbuntu14.04から16.04にアップグレードしました。
Ubuntu14.04ではすべてが正常に機能しました。
しかし、Ubuntu 16.04では、Certbotが証明書を取得できません。
まず、apache2、php、postgres、およびcertbotをリポジトリ経由でインストールした後にsudo letsencrypt --apache --text -vvvvvを実行したときのログを次に示します。
user<strong i="10">@Server</strong>:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,402:DEBUG:letsencrypt.cli:Root logging level set at -20
2016-07-08 15:30:26,403:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Arguments: ['--apache', '--text', '-vvvvv']
2016-07-08 15:30:26,404:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-07-08 15:30:26,405:DEBUG:letsencrypt.cli:Requested authenticator apache and installer apache
2016-07-08 15:30:26,861:DEBUG:letsencrypt.display.ops:Single candidate plugin: * apache
Description: Apache Web Server - Alpha
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = letsencrypt_apache.configurator:ApacheConfigurator
Initialized: <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
Prep: True
2016-07-08 15:30:26,862:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110> and installer <letsencrypt_apache.configurator.ApacheConfigurator object at 0x7f4fa2d0f110>
2016-07-08 15:30:36,207:DEBUG:letsencrypt.cli:Picked account: <Account(5e1503fd131a8338a2d21866a6e202c6)>
2016-07-08 15:30:36,208:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-07-08 15:30:36,212:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:36,783:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 280
2016-07-08 15:30:36,786:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}. Content: '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,786:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Fri, 08 Jul 2016 15:30:36 GMT', 'Boulder-Request-Id': 'PYGfztG4VlK9dwVTDwiVoHUbFRPIXGwvntjgxqUNRik', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '0-KmJIn0g2KMLRf2m2yFf9w2MT8eDXUtJAmP23ycklI'}): '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-08 15:30:36,940:INFO:letsencrypt.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0011_key-letsencrypt.pem
2016-07-08 15:30:36,943:INFO:letsencrypt.crypto_util:Creating CSR: /etc/letsencrypt/csr/0011_csr-letsencrypt.pem
2016-07-08 15:30:36,944:DEBUG:letsencrypt.client:CSR: CSR(file='/etc/letsencrypt/csr/0011_csr-letsencrypt.pem', data='0\x82\x02\xa80\x82\x01\x90\x02\x01\x020!1\x1f0\x1d\x06\x03U\x04\x03\x0c\x16nextcloud.mattia98.org0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xe6\xbe:9\xab\xceqz4\xcb\x02;W?\x1c\xf3\xc8\xe7G2,\xd3\xea\xea\xba7-|F#\xf9\xc8\x0c\x1bv]\xd0\xcc\xf1%\xcc\x8b{\x8e\x7fodX\xfd-\xf5i\xb6x\xdf\xab\xa7\xe8\x88/\x02\xd9\x0cu\x93\x8f\x1e\x87Ka"\xe7(\xe6\xb9\xff\t\x89;!\x1b\x04\xf9\xd4\xa0\xbc)\xd6\xad\xf4\xe5\xcfH\xfc\x9c\xe3k\x03\xdf\xeb\x9fP\xf6pN>wk\xdfX\x15\x1e(\xc1\xff\xf1Nn\xae\x7f\xf3^yZ\x9fx\xdbt\x01\xfa+\xdf\x1cm\xab(?&\x00]\xd8}\x98\x1c\xdf\x14\xd1\xf5\x92$\xab\x15\xb6\x83$p\xe4\xfe\xfeW\xff\x7f&\xb7\x87\x81I\xeb\xbcL\x96\x85iH\x02\x9a"\x06\xc8\xca\xa9g\xe8c\x9f\xf7\xe9}\\\x8bb\xdd\xfb\xf24\xedZ\x14\xc6}\x90\r\xadMZ\'x %\x84(&\x9d\xf0,H\x13\xae\x14\x89v\xf5Ua\x14\xdcv\x01W\xc5\xd8R=\x17\x97F\x16J\x05<bl\xfc\x0ccR\xd7\x97\xddSI\xc4\x0e\x028y\x02\x03\x01\x00\x01\xa0B0@\x06\t*\x86H\x86\xf7\r\x01\t\x0e13010/\x06\x03U\x1d\x11\x04(0&\x82\x16nextcloud.mattia98.org\x82\x0cmattia98.org0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00;\x1d\xca:\xbav\xad,\x93\x07\xb2S\x9f\xffVX$\x8d\xcb\xfd\xd9\xd8\xd7\xdfea\x10W\xb5\x81\xd8\x9e\x94S\xbe\x1aUG \xc9D\xcaF\x94V\x016\xf8\xc1I\xf6@b\x8d7\x91\x1c\xd6 \xe7\x19\xb8\x80Q\xa3a\xb3\xe0\x86\xb6\'\xf7\xce\x9cE\x86x\xae\xa1rG"\xc8\xbd\x12\x7f\xa3>\xeaN\xa8\xdb\xe89Wq6\xe8\xd0\xb2\x88j\xf4X\x1fFj-\x97\xf2\x1cnO\x8c5s\xc3\xa46P[\xf5\xd8\xed"\n\x18a\xfc\xf7"\x0f\x99\xe5\xee\xbe\x9auf\xf3\xcaE<6\x1e\xce\xf1\x99>\\\xe3\x0e\xb5\xf5O\t\xc8\x1f\xf69w\xfaG\xc6\x1f\xb7\x0cCDA\x8f\x0fX\x12l&\x9b\xcd\xc8j\xa4X\xdfn\xe9\xd2\x82\xa7\x05^ \x89\x98\x03\xe9\xb0\x06\xa2o\xfbp\x1a^]\x95a\x0bH\x1e\x84E\xa0:#\xa2\xddbi$\xa50T.\xf9\x1e\x92\t\x00\xdd\xd1yG\xdb\xde\xbb\xfb\x95\xf4\xc4\xc7\x10\xa1>\xed)\xa8\x8e\xed\xecgj\xab\x87V\xfeI', form='der'), domains: ['nextcloud.mattia98.org', 'mattia98.org']
2016-07-08 15:30:36,944:DEBUG:root:Requesting fresh nonce
2016-07-08 15:30:36,945:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-07-08 15:30:36,946:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,532:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-07-08 15:30:37,534:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'JHdVDYTxHAiS5zsJfg6F3qklf1fDauN0eYAERFl13U8', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '7AnRjCaga22PYrBWhPrtL_4u7klzRN_VWXkOgDLv1H8'}. Content: ''
2016-07-08 15:30:37,535:DEBUG:acme.client:Storing nonce: '\xec\t\xd1\x8c&\xa0km\x8fb\xb0V\x84\xfa\xed/\xfe.\xeeIsD\xdf\xd5Yy\x0e\x802\xef\xd4\x7f'
2016-07-08 15:30:37,535:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,535:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "nextcloud.mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,536:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,541:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,541:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICI3QW5SakNhZ2EyMlBZckJXaFBydExfNHU3a2x6Uk5fVldYa09nREx2MUg4In0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJuZXh0Y2xvdWQubWF0dGlhOTgub3JnIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "V8USFes73cZQte3Ew-ZIOwKhRgqyn0R-gDI5fhGeciyXIjqqlFBkAnc4qCh9asCRKyvci-4q1PI0cdscld4UCvkpYRPYiWzinDbHzFgl7DIXqsQXDI8NOzGUfN8HDd_rClK_iWZZTl5RdD2MWC5DjgGqEB1iqJu0QR_0jqsB1ROrdkGy3KDvhQYS0Lk4_dR55TojcCI6hIteWaLxPkAEcesZHU_oS0dxwW2GZ7FI4t6CAhW3UiO-O4LrxxYVFECID8dkvD1tNQvAUAYtNtLEsbLdGPUAQc41O6CVAUXMnF74cAgiUhfCosMQI6byGUBOqIL0Vv5pT8UkzeNMCxghSQ"}'}
2016-07-08 15:30:37,542:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:37,977:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1007
2016-07-08 15:30:37,979:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,980:DEBUG:acme.client:Storing nonce: '\x92\x16%$\xce\xce\xd5T[\x0f\xb1\xea\xc5\x87\xd5,cv\xcdVz\r\x17\xd9\x12Nr/:\xbe|a'
2016-07-08 15:30:37,980:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1007', 'Expires': 'Fri, 08 Jul 2016 15:30:37 GMT', 'Boulder-Request-Id': 'J5teGhdGv8RdkGeEUMo-p68zH5u8vN1gsFW4102E8Q0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:37 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'khYlJM7O1VRbD7HqxYfVLGN2zVZ6DRfZEk5yLzq-fGE'}): '{\n "identifier": {\n "type": "dns",\n "value": "nextcloud.mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:37.863196959Z",\n "challenges": [\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861749",\n "token": "6eGSUishHge1kTGdUcwU67lNg0qL3Y22hzEI4JSjBOY"\n },\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750",\n "token": "K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861751",\n "token": "p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ"\n }\n ],\n "combinations": [\n [\n 2\n ],\n [\n 0\n ],\n [\n 1\n ]\n ]\n}'
2016-07-08 15:30:37,981:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'K5WQRe5_e2_iK0-PYdSLH9Rags-2Hb-1s1Xqe36msWQ', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/9DaiEmrBcFDec4QndyAxoT5U2vanpjrX3t0F31HsqTg/163861750'}
2016-07-08 15:30:37,982:DEBUG:acme.jose.json_util:Omitted empty fields: challenges=None, combinations=None, status=None, expires=None
2016-07-08 15:30:37,982:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "mattia98.org"}, "resource": "new-authz"}
2016-07-08 15:30:37,983:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, x5t=None, crit=(), kid=None, jwk=None, typ=None, alg=None
2016-07-08 15:30:37,987:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), x5tS256=None, cty=None, jku=None, x5u=None, nonce=None, crit=(), x5t=None, kid=None, typ=None
2016-07-08 15:30:37,987:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0ZtqLvfsdse_etXITjBjpJXIkBtiI0RaAz3bI3mT9aVlS3lU3ydrwfwiMDkz-L30WQOoQM8qfY-UfwzzME7cLMO78Ys4FyHRcawxKAqW6qqEg70Er2kqsstVXzVHPRGu5B2UMBgHqJPRgNKEoBjUUg0gPiDVpOGhJs5Nsy_7cdYszV195bCWXoDjS_Ukhr_l2RSjn3QwGMmH-Qwi3NYWiRBh9ofTuB81lI1T4fOxpwsqCGI5kdxR7eDXCLAOrfsfLPgP-cyIFe0QAVuzPAzrCc9eRuakMGIw1XV6zyeFa8VFhwjkQwmfvzIQFbmRS3x_y2l-DogsetOORt2kbuQEfw"}}, "protected": "eyJub25jZSI6ICJraFlsSk03TzFWUmJEN0hxeFlmVkxHTjJ6Vlo2RFJmWkVrNXlMenEtZkdFIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJtYXR0aWE5OC5vcmcifSwgInJlc291cmNlIjogIm5ldy1hdXRoeiJ9", "signature": "utNx6n8fsljg6Hi2xuqMcmVHYgFUm_m29_CcwLdtMstVy_YvJjFNsIPexyOTeEjl1KA5axh3Lz9gHZz-j_tRgNrWutUJBvKD4xRKwA1gs8qJFh6hiUUo5Uncir_n7J8f_ihnMqRTZGAXuDShRLM11mUMAD5Cjum8awRuR12O0wW9XCyK2L4ARPOJiLWuKCDrfzkKvNOP2GfWl4UPNj-HFQjpMlkVms9e0RYsXRvugoEUfTMRqosAt9JPS3n8SuIOLub04qhAfpgnBPZLgip2la69oi_m1DC3xbrOpkfyefl9GPZ1NznK6PCO4IeOTl24_65gxGtZRIlJXOjm2lo-BA"}'}
2016-07-08 15:30:37,988:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-08 15:30:38,474:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 997
2016-07-08 15:30:38,476:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,477:DEBUG:acme.client:Storing nonce: '\xb1\x80\xfc\xf1tHl\xa4f3\xa7:M\x1d\x912\xa1}\xb2dJ\xa5H\x1fE\x1e\xaf[\xdd\xf2\xbaA'
2016-07-08 15:30:38,477:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '997', 'Expires': 'Fri, 08 Jul 2016 15:30:38 GMT', 'Boulder-Request-Id': 'exE0StMYMRyHvZhsoeY5gpr4RjZqSIHwTVhmVEwlnQc', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU', 'Pragma': 'no-cache', 'Boulder-Requester': '2538441', 'Date': 'Fri, 08 Jul 2016 15:30:38 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sYD88XRIbKRmM6c6TR2RMqF9smRKpUgfRR6vW93yukE'}): '{\n "identifier": {\n "type": "dns",\n "value": "mattia98.org"\n },\n "status": "pending",\n "expires": "2016-07-15T15:30:38.353277995Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764",\n "token": "gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861765",\n "token": "3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861766",\n "token": "CJyZLRqQ5RCt8q2y8x9Nrp5-mLaWDXcmGyD9TKzpk38"\n }\n ],\n "combinations": [\n [\n 1\n ],\n [\n 0\n ],\n [\n 2\n ]\n ]\n}'
2016-07-08 15:30:38,478:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'gyc-PjZ11Yo3EplHjniX_qqk1MerazX54QAm3vA6KWI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/NZLIJJXF9eOlesysPBep46rttqwLtrW4xITvKO4m0BU/163861764'}
2016-07-08 15:30:38,478:INFO:letsencrypt.auth_handler:Performing the following challenges:
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for nextcloud.mattia98.org
2016-07-08 15:30:38,479:INFO:letsencrypt.auth_handler:tls-sni-01 challenge for mattia98.org
2016-07-08 15:30:39,129:DEBUG:letsencrypt_apache.tls_sni_01:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
2016-07-08 15:30:39,130:DEBUG:letsencrypt_apache.tls_sni_01:writing a config file with text:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName ee4f8cf0d737d87fd1b172d09e932afa.6a81bd6a27ca58c1324a11a8f178f300.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.crt
SSLCertificateKeyFile /var/lib/letsencrypt/p-LrTcx43lMdjo5jUcZwzC5oFlklQu9W1H6HkUAwIDQ.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
<VirtualHost *:443>
ServerName 288e75c418f3b55fa9ce4335bf672833.86b280ba5412aa994ce902544640544f.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.crt
SSLCertificateKeyFile /var/lib/letsencrypt/3kWeIUQWy9vF8oU2SKgr-wEXeohA3EuYlLERCffmBp8.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
</VirtualHost>
</IfModule>
2016-07-08 15:30:39,175:DEBUG:letsencrypt.reverter:Creating backup of /etc/apache2/apache2.conf
2016-07-08 15:30:39,429:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
2016-07-08 15:30:39,430:DEBUG:letsencrypt.error_handler:Calling registered functions
2016-07-08 15:30:39,431:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-07-08 15:30:39,653:ERROR:letsencrypt.le_util:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Encountered exception during recovery
2016-07-08 15:30:39,653:ERROR:letsencrypt.error_handler:Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/letsencrypt/error_handler.py", line 74, in call_registered
self.funcs[-1]()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 280, in _cleanup_challenges
self.dv_auth.cleanup(dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1575, in cleanup
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
2016-07-08 15:30:39,655:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/letsencrypt", line 9, in <module>
load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 662, in run
lineage, action = _auth_from_domains(le_client, config, domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 474, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 225, in obtain_certificate_from_csr
authzr = self.auth_handler.get_authorizations(domains)
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 80, in get_authorizations
cont_resp, dv_resp = self._solve_challenges()
File "/usr/lib/python2.7/dist-packages/letsencrypt/auth_handler.py", line 115, in _solve_challenges
dv_resp = self.dv_auth.perform(self.dv_c)
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1554, in perform
self.restart()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1463, in restart
self._reload()
File "/usr/lib/python2.7/dist-packages/letsencrypt_apache/configurator.py", line 1474, in _reload
raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
duplicate
Mattia98
全てのコメント3件
これは#1783の複製のように見えますが、問題の完全なログを提供していただきありがとうございます。 私はそこでこの問題について言及しました。
bmw
2016年07月08日
同じ問題が発生しました(アクション 'graceful'が失敗しました、警告:ドキュメントルートが存在しません)。 私の場合、その理由は既存のApacheSSL構成にあるようです。 私は証明書を構成していませんでした(Letsencryptがそれを処理すると思います)。 Virtualhost構成に次の行を追加すると、エラーが消えました。
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
bastian-bramblecloud
2016年09月02日
👍11
🎉5
私の仮想ホストでも確認しました。 snakeoil証明書とキーを使用してSSL仮想ホストを事前構成すると、certbot-apacheが完全にインストールされます。 これにより、次のような、検出されて説明される可能性のある他のさまざまな「エラー」も排除されました。
" urn:acme : error:malformed ::リクエストメッセージは不正な形式でした::サーバーはHTTPのみを話し、TLSは話しません"
「tls-sni-01チャレンジ:サーバーはhttpのみを話し、tlsは話しません」
警告:DocumentRoot [/ var / lib / letsencrypt / tls_sni_01_page /]は存在しません」
UWXAdmin
2017年07月24日
このページは役に立ちましたか?
0 / 5 - 0 評価
関連する問題
pfigel
·
3コメント
DatanoiseTV
·
4コメント
SlavikCA
·
3コメント
GEEK-WALKER
·
3コメント
LouWii
·
4コメント
最も参考になるコメント
同じ問題が発生しました(アクション 'graceful'が失敗しました、警告:ドキュメントルートが存在しません)。 私の場合、その理由は既存のApacheSSL構成にあるようです。 私は証明書を構成していませんでした(Letsencryptがそれを処理すると思います)。 Virtualhost構成に次の行を追加すると、エラーが消えました。
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pemSSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key