I have succesfully installed the latest Nextcloud using the Docker image. This has ben my method, worked just fine. Then I also wanted to install Collabora, using this method (which mainly follows the ‘official’ method.
Everything worked fine until I came to the point where I needed to install the certificates.
$ sudo certbot certonly -d collabora.example.com
I tried to follow the installation process (method 1), but this happened.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin - Beta (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator apache, Installer None
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): letsencrypt_collabora@domain.tld
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: a
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: n
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for collabora.example.com
Enabled Apache rewrite module
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Encountered exception during recovery:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2184, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 132, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2286, in perform
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2174, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2202, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2184, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
self.funcs[-1]()
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 316, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2311, in cleanup
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2174, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2202, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
I tried some things…
$ sudo kill -9 $(sudo lsof -t -i:80)
$ sudo certbot certonly -d collabora.example.com
But I got a very similar error.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin - Beta (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator apache, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for collabora.example.com
Enabled Apache rewrite module
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
Unable to restart apache using ['apache2ctl', 'graceful']
Encountered exception during recovery:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2184, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 132, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2286, in perform
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2174, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2202, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2184, in _reload
util.run_script(self.option("restart_cmd"))
File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
self.funcs[-1]()
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 316, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2311, in cleanup
self.restart()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2174, in restart
self._reload()
File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2202, in _reload
raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
AH00015: Unable to open logs
Tried the same things again…
$ sudo kill -9 $(sudo lsof -t -i:443)
$ sudo certbot certonly -d collabora.example.com
And this is where I’m currently standing.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin - Beta (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator apache, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for collabora.example.com
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. collabora.example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://collabora.example.com/.well-known/acme-challenge/_TjK_3KyvKneo1_I3FqPJl7ADXAlySygpNq9q9X25YY [{the ip-address of my server}]: "<html>\r\n<head><title>503 Service Temporarily Unavailable</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>503 Service Tempora"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: collabora.example.com
Type: unauthorized
Detail: Invalid response from
http://collabora.example.com/.well-known/acme-challenge/_TjK_3KyvKneo1_I3FqPJl7ADXAlySygpNq9q9X25YY
[{the ip-address of my server}]: "<html>\r\n<head><title>503 Service Temporarily
Unavailable</title></head>\r\n<body
bgcolor=\"white\">\r\n<center><h1>503 Service Tempora"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
So. How would I be able to install the certificates succesfully so that I could run both Nextcloud and Collabora with Docker? Thanks an awful lot in advance!