UMC (Apache) is not starting after LetsEncrypt installation

Urs · May 27, 2019, 4:21pm

Hello

after LetsEncrypt installation I am getting this error:

Blockquote
root@ma01:~# systemctl status apache2.service
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2019-05-27 18:06:04 CEST; 2min 25s ago
Process: 6817 ExecStop=/usr/sbin/apachectl stop (code=exited, status=1/FAILURE)
Process: 8600 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
Main PID: 18502 (code=exited, status=0/SUCCESS)
CPU: 44ms

Mai 27 18:06:04 ma01 systemd[1]: Starting The Apache HTTP Server…
Mai 27 18:06:04 ma01 apachectl[8600]: AH00526: Syntax error on line 30 of /etc/apache2/sites-enabled/univention-letsencrypt.conf:
Mai 27 18:06:04 ma01 apachectl[8600]: SSLCertificateFile: file ‘/etc/univention/letsencrypt/signed_chain.crt’ does not exist or is empty
Mai 27 18:06:04 ma01 apachectl[8600]: Action ‘start’ failed.
Mai 27 18:06:04 ma01 apachectl[8600]: The Apache error log may have more information.
Mai 27 18:06:04 ma01 systemd[1]: apache2.service: Control process exited, code=exited status=1
Mai 27 18:06:04 ma01 systemd[1]: Failed to start The Apache HTTP Server.
Mai 27 18:06:04 ma01 systemd[1]: apache2.service: Unit entered failed state.
Mai 27 18:06:04 ma01 systemd[1]: apache2.service: Failed with result ‘exit-code’.

type or paste code here

all I can do is uninstalling letsencrypt and remove the letsencrypt folder with the command:

univention-app remove letsencrypt

but every time I try to install LetsEncrypt again the same problem apears.

What can I do, how to completely remove Letsencrypt and reinstall it?

thanks

Urs

pider · May 28, 2019, 8:06am

Hello,
so your not even able to run the config wizard for letsencrypt ?
the reason, why your apache isn’t starting is easy to find -> SSLCertificateFile: file ‘/etc/univention/letsencrypt/signed_chain.crt’ does not exist or is empty

best reguards

Urs · May 28, 2019, 8:20am

Hello Pider
thanks for your reply.
Yes I know that the missing Cert is the problem, but why is LetsEncrypt not creating it???

I could access the UMC again after following the instructions here: Web console not responding after letsencrypt upgrade fail

But when ever I run LetsEnrypt again I got other problems. Therefore I reinstalled the UMC Server again, it was not yet in production. Now it works, I just lost a few hours that’s all.
thanks anyway

pider · May 28, 2019, 8:45am

What does /var/log/univention/letsencrypt.log say.
may there is a problem in cert retrieval after installation