Question

How To Secure Apache with Let's Encrypt on CentOS 9

I am failing to find a way to configure an SSL certificate for my droplet running on Centos 9 and an Apache server (version: 2.4.51). I tried to follow this tutorial but all the package managers I have searched (yum, snap & dnf) do not have the required python3-certbot-apache package nor any python*-certbot-apache package (Ofcourse, the turorial was meant for Centos 8 but I can’t find any reference to securing centos 9). Only snap has the certbot package but that’s not enough to help me at least just obtain an SSL certificate.

Any form of help will be greatly appreciated.

Oooh, just incase this might have valueable information for the bright minds, here are the error logs I get if I try to run, for example, sudo certbot --apache:

2022-04-01 15:54:42,360:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2022-04-01 15:54:42,830:DEBUG:certbot._internal.main:certbot version: 1.25.0
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1888/bin/certbot
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-04-01 15:54:42,846:DEBUG:certbot._internal.log:Root logging level set at 30
2022-04-01 15:54:42,847:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-04-01 15:54:42,943:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.51
2022-04-01 15:54:42,986:WARNING:certbot_apache._internal.apache_util:Error in checking parameter list:
2022-04-01 15:54:42,986:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#apache: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
Traceback (most recent call last):
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare
    self._initialized.prepare()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 368, in prepare
    self.parser = self.get_parser()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 79, in get_parser
    return CentOSParser(
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 164, in __init__
    super().__init__(*args, **kwargs)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 79, in __init__
    self.update_runtime_variables()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 169, in update_runtime_variables
    super().update_runtime_variables()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 299, in update_runtime_variables
    self.update_defines()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 305, in update_defines
    self.variables = apache_util.parse_defines(self.configurator.options.ctl)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 153, in parse_defines
    matches = parse_from_subprocess(define_cmd, r"Define: ([^ \n]*)")
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 208, in parse_from_subprocess
    stdout = _get_runtime_cfg(command)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 241, in _get_runtime_cfg
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
2022-04-01 15:54:42,988:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f22eb51d9d0>
Prep: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
2022-04-01 15:54:42,989:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello,

I believe that the issue that you are seeing is due to the fact that there is still no certbot package available for CentOS Stream 9.

You would need to wait for this to be available as the package for CentOS 8 would not work with CentOS Stream.

An alternative approach to waiting would be to spin up a Debian or Ubuntu server and use it instead of CentOS Stream 9.

Best,

Bobby