Question

How To Secure Apache with Let's Encrypt on CentOS 9

I am failing to find a way to configure an SSL certificate for my droplet running on Centos 9 and an Apache server (version: 2.4.51). I tried to follow this tutorial but all the package managers I have searched (yum, snap & dnf) do not have the required python3-certbot-apache package nor any python*-certbot-apache package (Ofcourse, the turorial was meant for Centos 8 but I can’t find any reference to securing centos 9). Only snap has the certbot package but that’s not enough to help me at least just obtain an SSL certificate.

Any form of help will be greatly appreciated.

Oooh, just incase this might have valueable information for the bright minds, here are the error logs I get if I try to run, for example, sudo certbot --apache:

2022-04-01 15:54:42,360:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2022-04-01 15:54:42,830:DEBUG:certbot._internal.main:certbot version: 1.25.0
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1888/bin/certbot
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2022-04-01 15:54:42,831:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-04-01 15:54:42,846:DEBUG:certbot._internal.log:Root logging level set at 30
2022-04-01 15:54:42,847:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-04-01 15:54:42,943:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.51
2022-04-01 15:54:42,986:WARNING:certbot_apache._internal.apache_util:Error in checking parameter list:
2022-04-01 15:54:42,986:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#apache: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
Traceback (most recent call last):
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare
    self._initialized.prepare()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 368, in prepare
    self.parser = self.get_parser()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 79, in get_parser
    return CentOSParser(
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 164, in __init__
    super().__init__(*args, **kwargs)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 79, in __init__
    self.update_runtime_variables()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/override_centos.py", line 169, in update_runtime_variables
    super().update_runtime_variables()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 299, in update_runtime_variables
    self.update_defines()
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/parser.py", line 305, in update_defines
    self.variables = apache_util.parse_defines(self.configurator.options.ctl)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 153, in parse_defines
    matches = parse_from_subprocess(define_cmd, r"Define: ([^ \n]*)")
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 208, in parse_from_subprocess
    stdout = _get_runtime_cfg(command)
  File "/var/lib/snapd/snap/certbot/1888/lib/python3.8/site-packages/certbot_apache/_internal/apache_util.py", line 241, in _get_runtime_cfg
    raise errors.MisconfigurationError(
certbot.errors.MisconfigurationError: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
2022-04-01 15:54:42,988:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_centos.CentOSConfigurator object at 0x7f22eb51d9d0>
Prep: Apache is unable to check whether or not the module is loaded because Apache is misconfigured.
2022-04-01 15:54:42,989:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
April 21, 2022
Accepted Answer

Hello,

I believe that the issue that you are seeing is due to the fact that there is still no certbot package available for CentOS Stream 9.

You would need to wait for this to be available as the package for CentOS 8 would not work with CentOS Stream.

An alternative approach to waiting would be to spin up a Debian or Ubuntu server and use it instead of CentOS Stream 9.

Best,

Bobby

I believe this is now available.

yum install -y certbot or dnf install -y certbot

Use certbot certonly -d www.example.com then manually configure your web server to use the issued certificate and key.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel