Let's Encrypt Error

[floyd]

I keep getting this error when trying to install a Let's Encrypt certificate.

2023/09/17 06:35:51 [INFO] [takcleaningservices.com.au, www.takcleaningservices.com.au] acme: Obtaining SAN certificate
2023/09/17 06:35:51 [INFO] [takcleaningservices.com.au] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/265247526196
2023/09/17 06:35:51 [INFO] [www.takcleaningservices.com.au] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/265247526206
2023/09/17 06:35:51 [INFO] [takcleaningservices.com.au] acme: Could not find solver for: tls-alpn-01
2023/09/17 06:35:51 [INFO] [takcleaningservices.com.au] acme: use http-01 solver
2023/09/17 06:35:51 [INFO] [www.takcleaningservices.com.au] acme: Could not find solver for: tls-alpn-01
2023/09/17 06:35:51 [INFO] [www.takcleaningservices.com.au] acme: use http-01 solver
2023/09/17 06:35:51 [INFO] [takcleaningservices.com.au] acme: Trying to solve HTTP-01
2023/09/17 06:35:51 [INFO] [www.takcleaningservices.com.au] acme: Trying to solve HTTP-01
2023/09/17 06:35:51 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/265247526196
2023/09/17 06:35:52 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/265247526206
2023/09/17 06:35:52 Could not obtain certificates:
error: one or more domains had a problem:
[takcleaningservices.com.au] [takcleaningservices.com.au] acme: error presenting token: could not start HTTP server for challenge: listen tcp :80: bind: address already in use
[www.takcleaningservices.com.au] [www.takcleaningservices.com.au] acme: error presenting token: could not start HTTP server for challenge: listen tcp :80: bind: address already in use
Certificate generation failed.

 

[Richard G]

Malware software give a warning of for this site. Probably false positive but still one has to look how to fix this.

1.) Do you have a valid certificaat for your hostname?
2.) Why is your hostname pointing to a completely different ip (216.x.x.x) than the domain (127.76.x.x) ?
I think that might be reason of the issue. Maybe something did not resolve (yet) as should be?

 

[Richard G]

Seems a resolving error. On another place I do get the 216 address, but seems not everywhere, some places use the 127.76.x.x address so you probably have to wait a bit.

 

[floyd]

Where would this come from?

acme: error presenting token: could not start HTTP server for challenge: listen tcp :80: bind: address already in use

 

[floyd]

Seems a resolving error. On another place I do get the 216 address, but seems not everywhere, some places use the 127.76.x.x address so you probably have to wait a bit.

Isn't the 127 network reserved as a lookback?

 

[Richard G]

Isn't the 127 network reserved as a lookback?

Yep you're quite right. It is. My mistake. I check on my own system. But browser wise my Malware Bytes blocked the connection. And I forgot also it was the whole 127 network.
I didn't know MB would also be effective on command prompt, but it was. Disabled it and now the correct ip is given.

So it must be the address in use issue you pointed to.

 

[floyd]

I just keep getting the same error and have no idea how to get past it. The error is not very helpful.

 

[Richard G]

Well it seems port 80 is already in use by something. Are you running just plain apache, or something like nGinx or Litespeed?
It looks like the letsencrypt check is trying to start Apache so maybe one of them is in the way somehow.

You can check with lsof -i:80 what is using port 80.

I do remember something about when nGinx or litespeed is used there must be some port adjustment done, just don't remember what since I don't use that, but maybe that thought points you in the right direction if you're using one of these.

 

[floyd]

Just using plain stock apache. Don't know why letsencrypt is trying to start it. Apache is running fine.

 

[Active8]

Hi floyd, maybe an ./build rewrite_confs can help ?