How to stop ports.conf getting modified by certbot

Question

How can I get certbot to stop modifying /etc/apache2/ports.conf, but still autorenew?

I have a ports.conf that looks like this

 NameVirtualHost 127.0.0.1:8080
 Listen 127.0.0.1:8080

 <IfModule ssl_module>
   Listen 443
 </IfModule>

 <IfModule mod_gnutls.c>
   Listen 443
 </IfModule>

I am using nginx to redirect http traffic to apache, as I have a flask server running at http://mydomain/api/ recieving requests.

The problem I am having is that since I set up certbot with apache, it keeps adding this line to my ports.conf file which then crashes apache :(

Listen 80

Does anyone know how to resolve this?

score 2 · Accepted Answer · answered Nov 28 '19 at 23:33

2

Install the Cerbot nginx plugin (python-certbot-nginx package on Debianoids) and modify the renewal parameters in /etc/letsencrypt/renewal/<your_domain>.conf:

[renewalparams]
authenticator = nginx
server = https://acme-v02.api.letsencrypt.org/directory
installer = nginx
account = <your_account_id>

Let's Encrypt needs port 80 to authenticate your domain and that port is occupied by nginx.

answered Nov 28 '19 at 23:33

Piotr P. Karwasz

5,748
2
11
21

Yep so I stopped `certbot`, installed `python-certbot-nginx` package and modified by renew conf files. I can confirm that this works exactly like one would hope. – Jesse Reza Khorasanee Dec 05 '19 at 03:11

How to stop ports.conf getting modified by certbot

1 Answers1