<div dir="ltr">
<p class="gmail-p1">Correction on the earlier answer below by Marius regarding Certbot certs and IP addresses: It appears that Certbot certificates are NOT tied to the IP address. The error I was getting was because I wasn't using sudo on the apachectl -t command (duh!), and the LetsEncrypt files are in private folders. Simply using sudo showed the syntax as OK and the SSL certs work fine. </p><p class="gmail-p1"><br></p><p class="gmail-p1">New question on modules: I admit to having no idea what some of these modules do and whether to load them or not. That said, it appears that the rewrite function isn't working on my Apache 2.4, despite having mod_rewrite loaded. Specifically, the modified permalinks structure in WordPress sites is broken, but it probably affects other sites/functions as well. </p><p class="gmail-p1">I've turned some of the modules which are off by default to 'on' to return other missing functionality (see the first list below), but I'm unclear on what else might be missing, especially with regard to the rewrite function. </p><p class="gmail-p1">Thanks in advance for any pointers. </p><p class="gmail-p1"><br></p><p class="gmail-p1">Loaded Modules in my 2.4.x test instance:</p><p class="gmail-p1"> core_module (static)</p><p class="gmail-p1"> so_module (static)</p><p class="gmail-p1"> http_module (static)</p><p class="gmail-p1"> mpm_prefork_module (static)</p><p class="gmail-p1"> authn_file_module (shared)</p><p class="gmail-p1"> authn_dbm_module (shared)</p><p class="gmail-p1"> authn_anon_module (shared)</p><p class="gmail-p1"> authn_dbd_module (shared)</p><p class="gmail-p1"> authn_socache_module (shared)</p><p class="gmail-p1"> authn_core_module (shared)</p><p class="gmail-p1"> authz_host_module (shared)</p><p class="gmail-p1"> authz_groupfile_module (shared)</p><p class="gmail-p1"> authz_user_module (shared)</p><p class="gmail-p1"> authz_owner_module (shared)</p><p class="gmail-p1"> authz_core_module (shared)</p><p class="gmail-p1"> auth_basic_module (shared)</p><p class="gmail-p1"> auth_digest_module (shared)</p><p class="gmail-p1"> file_cache_module (shared)</p><p class="gmail-p1"> cache_module (shared)</p><p class="gmail-p1"> cache_disk_module (shared)</p><p class="gmail-p1"> socache_shmcb_module (shared)</p><p class="gmail-p1"> include_module (shared)</p><p class="gmail-p1"> filter_module (shared)</p><p class="gmail-p1"> mime_module (shared)</p><p class="gmail-p1"> log_config_module (shared)</p><p class="gmail-p1"> expires_module (shared)</p><p class="gmail-p1"> headers_module (shared)</p><p class="gmail-p1"> setenvif_module (shared)</p><p class="gmail-p1"> version_module (shared)</p><p class="gmail-p1"> ssl_module (shared)</p><p class="gmail-p1"> unixd_module (shared)</p><p class="gmail-p1"> vhost_alias_module (shared)</p><p class="gmail-p1"> dir_module (shared)</p><p class="gmail-p1"> alias_module (shared)</p><p class="gmail-p1"> rewrite_module (shared)</p><p class="gmail-p1"> php7_module (shared)</p><p class="gmail-p1"> access_compat_module (shared)</p><p class="gmail-p1"> log_forensic_module (shared)</p><p class="gmail-p1"> env_module (shared)</p><p class="gmail-p1"> </p><p class="gmail-p1"> The modules loaded by 2.4.x installation by default are:</p><p class="gmail-p1"> </p><p class="gmail-p1"> authn_file_module lib/apache2/modules/mod_authn_file.so</p><p class="gmail-p1"> authn_core_module lib/apache2/modules/mod_authn_core.so</p><p class="gmail-p1"> authz_host_module lib/apache2/modules/mod_authz_host.so</p><p class="gmail-p1"> authz_groupfile_module lib/apache2/modules/mod_authz_groupfile.so</p><p class="gmail-p1"> authz_user_module lib/apache2/modules/mod_authz_user.so</p><p class="gmail-p1"> authz_core_module lib/apache2/modules/mod_authz_core.so</p><p class="gmail-p1"> access_compat_module lib/apache2/modules/mod_access_compat.so</p><p class="gmail-p1"> auth_basic_module lib/apache2/modules/mod_auth_basic.so</p><p class="gmail-p1"> reqtimeout_module lib/apache2/modules/mod_reqtimeout.so</p><p class="gmail-p1"> filter_module lib/apache2/modules/mod_filter.so</p><p class="gmail-p1"> mime_module lib/apache2/modules/mod_mime.so</p><p class="gmail-p1"> log_config_module lib/apache2/modules/mod_log_config.so</p><p class="gmail-p1"> env_module lib/apache2/modules/mod_env.so</p><p class="gmail-p1"> headers_module lib/apache2/modules/mod_headers.so</p><p class="gmail-p1"> setenvif_module lib/apache2/modules/mod_setenvif.so</p><p class="gmail-p1"> version_module lib/apache2/modules/mod_version.so</p><p class="gmail-p1"> slotmem_shm_module lib/apache2/modules/mod_slotmem_shm.so</p><p class="gmail-p1"> unixd_module lib/apache2/modules/mod_unixd.so</p><p class="gmail-p1"> status_module lib/apache2/modules/mod_status.so</p><p class="gmail-p1"> autoindex_module lib/apache2/modules/mod_autoindex.so</p><p class="gmail-p1"> dir_module lib/apache2/modules/mod_dir.so</p><p class="gmail-p1"> alias_module lib/apache2/modules/mod_alias.so</p><p class="gmail-p1"> </p><p class="gmail-p1"> Other available modules in 2.4.x are:</p><p class="gmail-p1"># authn_dbm_module lib/apache2/modules/mod_authn_dbm.so</p><p class="gmail-p1"># authn_anon_module lib/apache2/modules/mod_authn_anon.so</p><p class="gmail-p1"># authn_dbd_module lib/apache2/modules/mod_authn_dbd.so</p><p class="gmail-p1"># authn_socache_module lib/apache2/modules/mod_authn_socache.so</p><p class="gmail-p1"># authz_dbm_module lib/apache2/modules/mod_authz_dbm.so</p><p class="gmail-p1"># authz_owner_module lib/apache2/modules/mod_authz_owner.so</p><p class="gmail-p1"># authz_dbd_module lib/apache2/modules/mod_authz_dbd.so</p><p class="gmail-p1"># auth_form_module lib/apache2/modules/mod_auth_form.so</p><p class="gmail-p1"># auth_digest_module lib/apache2/modules/mod_auth_digest.so</p><p class="gmail-p1"># allowmethods_module lib/apache2/modules/mod_allowmethods.so</p><p class="gmail-p1"># file_cache_module lib/apache2/modules/mod_file_cache.so</p><p class="gmail-p1"># cache_module lib/apache2/modules/mod_cache.so</p><p class="gmail-p1"># cache_disk_module lib/apache2/modules/mod_cache_disk.so</p><p class="gmail-p1"># cache_socache_module lib/apache2/modules/mod_cache_socache.so</p><p class="gmail-p1"># socache_shmcb_module lib/apache2/modules/mod_socache_shmcb.so</p><p class="gmail-p1"># socache_dbm_module lib/apache2/modules/mod_socache_dbm.so</p><p class="gmail-p1"># socache_memcache_module lib/apache2/modules/mod_socache_memcache.so</p><p class="gmail-p1"># watchdog_module lib/apache2/modules/mod_watchdog.so</p><p class="gmail-p1"># macro_module lib/apache2/modules/mod_macro.so</p><p class="gmail-p1"># dbd_module lib/apache2/modules/mod_dbd.so</p><p class="gmail-p1"># dumpio_module lib/apache2/modules/mod_dumpio.so</p><p class="gmail-p1"># echo_module lib/apache2/modules/mod_echo.so</p><p class="gmail-p1"># buffer_module lib/apache2/modules/mod_buffer.so</p><p class="gmail-p1"># data_module lib/apache2/modules/mod_data.so</p><p class="gmail-p1"># ratelimit_module lib/apache2/modules/mod_ratelimit.so</p><p class="gmail-p1"># ext_filter_module lib/apache2/modules/mod_ext_filter.so</p><p class="gmail-p1"># request_module lib/apache2/modules/mod_request.so</p><p class="gmail-p1"># include_module lib/apache2/modules/mod_include.so</p><p class="gmail-p1"># reflector_module lib/apache2/modules/mod_reflector.so</p><p class="gmail-p1"># substitute_module lib/apache2/modules/mod_substitute.so</p><p class="gmail-p1"># sed_module lib/apache2/modules/mod_sed.so</p><p class="gmail-p1"># charset_lite_module lib/apache2/modules/mod_charset_lite.so</p><p class="gmail-p1"># deflate_module lib/apache2/modules/mod_deflate.so</p><p class="gmail-p1"># xml2enc_module lib/apache2/modules/mod_xml2enc.so</p><p class="gmail-p1"># proxy_html_module lib/apache2/modules/mod_proxy_html.so</p><p class="gmail-p1"># log_debug_module lib/apache2/modules/mod_log_debug.so</p><p class="gmail-p1"># log_forensic_module lib/apache2/modules/mod_log_forensic.so</p><p class="gmail-p1"># logio_module lib/apache2/modules/mod_logio.so</p><p class="gmail-p1"># mime_magic_module lib/apache2/modules/mod_mime_magic.so</p><p class="gmail-p1"># expires_module lib/apache2/modules/mod_expires.so</p><p class="gmail-p1"># usertrack_module lib/apache2/modules/mod_usertrack.so</p><p class="gmail-p1"># unique_id_module lib/apache2/modules/mod_unique_id.so</p><p class="gmail-p1"># session_dbd_module lib/apache2/modules/mod_session_dbd.so</p><p class="gmail-p1"># remoteip_module lib/apache2/modules/mod_remoteip.so</p><p class="gmail-p1"># proxy_module lib/apache2/modules/mod_proxy.so</p><p class="gmail-p1"># proxy_connect_module lib/apache2/modules/mod_proxy_connect.so</p><p class="gmail-p1"># proxy_ftp_module lib/apache2/modules/mod_proxy_ftp.so</p><p class="gmail-p1"># proxy_http_module lib/apache2/modules/mod_proxy_http.so</p><p class="gmail-p1"># proxy_fcgi_module lib/apache2/modules/mod_proxy_fcgi.so</p><p class="gmail-p1"># proxy_scgi_module lib/apache2/modules/mod_proxy_scgi.so</p><p class="gmail-p1"># proxy_fdpass_module lib/apache2/modules/mod_proxy_fdpass.so</p><p class="gmail-p1"># proxy_wstunnel_module lib/apache2/modules/mod_proxy_wstunnel.so</p><p class="gmail-p1"># proxy_ajp_module lib/apache2/modules/mod_proxy_ajp.so</p><p class="gmail-p1"># proxy_balancer_module lib/apache2/modules/mod_proxy_balancer.so</p><p class="gmail-p1"># proxy_express_module lib/apache2/modules/mod_proxy_express.so</p><p class="gmail-p1"># proxy_hcheck_module lib/apache2/modules/mod_proxy_hcheck.so</p><p class="gmail-p1"># session_module lib/apache2/modules/mod_session.so</p><p class="gmail-p1"># session_cookie_module lib/apache2/modules/mod_session_cookie.so</p><p class="gmail-p1"># slotmem_plain_module lib/apache2/modules/mod_slotmem_plain.so</p><p class="gmail-p1"># ssl_module lib/apache2/modules/mod_ssl.so</p><p class="gmail-p1"># dialup_module lib/apache2/modules/mod_dialup.so</p><p class="gmail-p1"># lbmethod_byrequests_module lib/apache2/modules/mod_lbmethod_byrequests.so</p><p class="gmail-p1"># lbmethod_bytraffic_module lib/apache2/modules/mod_lbmethod_bytraffic.so</p><p class="gmail-p1"># lbmethod_bybusyness_module lib/apache2/modules/mod_lbmethod_bybusyness.so</p><p class="gmail-p1"># lbmethod_heartbeat_module lib/apache2/modules/mod_lbmethod_heartbeat.so</p><p class="gmail-p1"># heartbeat_module lib/apache2/modules/mod_heartbeat.so</p><p class="gmail-p1"># heartmonitor_module lib/apache2/modules/mod_heartmonitor.so</p><p class="gmail-p1"># dav_module lib/apache2/modules/mod_dav.so</p><p class="gmail-p1"># asis_module lib/apache2/modules/mod_asis.so</p><p class="gmail-p1"># info_module lib/apache2/modules/mod_info.so</p><p class="gmail-p1"># cgi_module lib/apache2/modules/mod_cgi.so</p><p class="gmail-p1"># dav_fs_module lib/apache2/modules/mod_dav_fs.so</p><p class="gmail-p1"># dav_lock_module lib/apache2/modules/mod_dav_lock.so</p><p class="gmail-p1"># vhost_alias_module lib/apache2/modules/mod_vhost_alias.so</p><p class="gmail-p1"># negotiation_module lib/apache2/modules/mod_negotiation.so</p><p class="gmail-p1"># actions_module lib/apache2/modules/mod_actions.so</p><p class="gmail-p1"># speling_module lib/apache2/modules/mod_speling.so</p><p class="gmail-p1"># userdir_module lib/apache2/modules/mod_userdir.so</p><p class="gmail-p1"><br></p><p class="gmail-p1"><br></p><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div class="gmail-h5"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 26, 2017 at 7:25 PM, Bill Christensen <span dir="ltr"><<a href="mailto:billc_lists@greenbuilder.com" target="_blank">billc_lists@greenbuilder.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF"><span class="gmail-m_-7379642268433731980m_4606287072803811330gmail-">
<div class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925moz-cite-prefix">On 10/26/17 7:06 PM, Marius Schamschula
wrote:<br>
</div>
<blockquote type="cite">
Bill,
<div><br>
<div>
<blockquote type="cite">
<div>On Oct 26, 2017, at 6:16 PM, Bill Christensen
<<a href="mailto:billc_lists@greenbuilder.com" target="_blank">billc_lists@greenbuilder.com</a>>
wrote:</div>
<br class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925Apple-interchange-newline">
<div>
<div dir="ltr">Got a chance to work on
implementing Apache 2.4 again today using a clone of
production on a test machine.
<div><br>
</div>
<div>http is working fine.</div>
<div><br>
</div>
<div>But checking the config, I'm getting:</div>
<div><br>
</div>
<div>
<p class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925gmail-p1"><span class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925gmail-s1">SSLCertificateFile:
file '/opt/local/etc/letsencrypt/li<wbr>ve/<<a href="http://domain.name/" target="_blank">domain.name</a>>/fullchain.pem<wbr>'
does not exist or is empty</span></p>
<p class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925gmail-p1">Except that it DOES exist, and it
ISN'T empty. </p>
<p class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925gmail-p1">Any ideas? Modules not loaded?
(I've tried toggling all of them on and off, no
joy). It wouldn't have to do with this being a
different IP address than the one set when we
created the certs, would it? </p>
</div>
</div>
</div>
</blockquote>
<div>Yes. Certbot certificates are tied to the IP address.</div>
</div>
</div>
</blockquote>
<br></span>
Ok, thanks. I'll generate a temporary one on a dev domain for use
in my testing then, and cross my fingers that the real ones will
work properly when I take it live. (and be ready to roll back if
they don't!)<span class="gmail-m_-7379642268433731980m_4606287072803811330gmail-"><br>
<br>
<br>
<p><br>
</p>
<pre class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925moz-signature" cols="72">--
Bill Christensen
<a class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925moz-txt-link-freetext" href="http://SustainableSources.com" target="_blank">http://SustainableSources.com</a>
<a class="gmail-m_-7379642268433731980m_4606287072803811330gmail-m_-8140913516884807925moz-txt-link-freetext" href="http://LinkedIn.com/in/billc108" target="_blank">http://LinkedIn.com/in/billc10<wbr>8</a></pre>
</span></div>
</blockquote></div><br></div></div></div></div>
</blockquote></div><br></div></div>