技術ブログ

プログラミング、IT関連の記事中心

Let’s Encryptの証明書の更新エラーで(Error while running apachectl graceful)

目次

環境

nginx
Let’s Encrypt

エラー発生

Let’s Encryptの証明書の有効期限が切れている状態で、以下のコマンドを実行する。

/usr/bin/certbot renew

本来なら証明書が更新されるが、「エラー内容」が発生する。

エラー内容

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/example.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for example.com
Error while running apachectl graceful.

Job for httpd.service invalid.

Unable to restart apache using ['apachectl', 'graceful']
Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Cleaning up challenges
Error while running apachectl graceful.

Job for httpd.service invalid.

Unable to restart apache using ['apachectl', 'graceful']
Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Encountered exception during recovery: 
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/certbot/_internal/error_handler.py", line 125, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 243, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2540, in cleanup
    self.restart()
  File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2410, in restart
    self._reload()
  File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2437, in _reload
    raise errors.MisconfigurationError(error)
MisconfigurationError: Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: Error while running apachectl restart.

Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
. Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/example.com/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/example.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

対応方法

nginxを停止します。

systemctl stop nginx

証明書を更新します。

/usr/bin/certbot renew

Apatchを停止します。

systemctl stop httpd

nginxを再起動します。

systemctl start nginx

これで、証明書の更新が正常に完了です。