Resolving a certbot apache plugin syntax error
I got an email yesterday showing that one of my TLS certificates had failed to renew.
Looking in the log - /var/log/letsencrypt/letsencrypt.log - I saw:
2022-04-12 20:49:35,195:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.53
2022-04-12 20:49:35,844:DEBUG:certbot._internal.plugins.disco:Other error:(PluginEntryPoint#apache): There has been an error in parsing the file /etc/apache2/sites-enabled/decoded.legal-tor-ssh.conf on line 159: Syntax error
(Technically, for the eagle-eyed, this particular log entry was created when I attempted to re-run certbot just now.)
Weird, because apache is running fine.
I’d normally test for an apache config issue with apachectl configtest, and so I did, and it was clear. Which is consistent with apache running fine.
I took a look at the config file shown in the error message, and there was indeed an error: I had failed to close the opening tag, <IfModule mod_ssl.c>.
I closed the tag - </IfModule> - and re-ran certbot, and it was fine.
You may also like:
- Temporarily and automatically changing firewall rules to permit Lets Encrypt certificate renewals
- Brave, Tor, and http-only .onion sites
- Upgrading my .onion site to https
- Safer Internet Day 2022. At least we know what were trying to achieve. Right?
- End to end encryption, and services which let you meet and message people you do not already know
- A prohibition on end to end encryption could leave you with #NoPlaceToHide. And that's not a good thing.
- The end to end encryption debate: 1: the (very) basics of encryption
- Installing Mobian with full disk encryption on PinePhone
- Changing a (known) LUKS passphrase
- Making [vulnerable group] safe online: unpicking those who spin a line to sell their proposal
- Unlocking a LUKS-encrypted partition via ssh on Debian 10 and Debian 11
- DNS-over-https on macOS and iOS
- Supervision is not the same as total surveillance