Hello @stevenr
the given information is a bit vague, but I can see that you are using UCS 4.1 with letsencrypt multiple domains activated, at least for Apache. Please correct me, if I am wrong.
It seem that you run setup-letsencrypt multiple times. That is okay! But the real error message should be displayed in your previous run(s).
I could reproduce the “error on line 20” if I enter some invalid domains and set apache2/force_https=yes. The problem is, that the certificate creation fails, but certificate is already referenced in the apache configuration.
To solve this
- please double check the values in
letsencrypt/domainswhich should be separated by spaces, or even better: first start with one domain only. The domains must be reached from external for the letsencrypt acme-challenge request. - temporary configure
ucr unset apache2/force_https - re run
/usr/share/univention-letsencrypt/setup-letsencrypt - if all went fine, check your configuration with
apache2ctl configtestand setapache2/force_https=yesif you want. Then restart Apache if “Syntax OK” was displayed byservice apache2 restart
If this still does not work, and apache fails to start, you could unset the UCR variables to UCS default:
ucr unset apache2/ssl/certificate apache2/ssl/certificatechain apache2/ssl/key
and retry the steps from above 