Question

Certbot verification fails

Certbot returns the error:

Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

This is after a fresh install. I’m keeping it simple and not using any virtual hosts, etc. Just a few pages in the /var/www/html directory. httpd is enabled and I can access the website in my browser.

What am I doing wrong?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

As far as I know, Certbot supports virtual hosts only, so it won’t be able to proceed if you don’t have any configured. Try adding a basic virtual host like so and see if that helps:

<VirtualHost *:80>
    ServerAdmin admin@example.com
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

In case anyone else runs into this: I’ve run into this problem before (and again today); apache is endlessly configurable, and the certbot apache module is not able to cope with every configuration. I have the document root for various virtual hosts in different directories. Even though apache is quite happy with this, the certbot module is not always happy. I solved my problem using the --apache-vhost-root option:

certbot --apache certonly --apache-vhost-root /var/www/html/www

and it solved my problem. For help see:

certbot --help apache

Also don’t forget to a2ensite 000-default