From nobody Thu Nov 16 22:02:39 2023 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SWYtg3Vmqz517rF for ; Thu, 16 Nov 2023 22:02:51 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from mail.sermon-archive.info (sermon-archive.info [47.181.130.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4SWYtg2XJ5z4WyH for ; Thu, 16 Nov 2023 22:02:51 +0000 (UTC) (envelope-from bc979@lafn.org) Authentication-Results: mx1.freebsd.org; none Received: from smtpclient.apple (unknown [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 4SWYtd5G4Vz2gFDK; Thu, 16 Nov 2023 14:02:49 -0800 (PST) From: Doug Hardie Message-Id: <8D21AE27-BE70-4158-B198-4B06C7D4A981@sermon-archive.info> Content-Type: multipart/alternative; boundary="Apple-Mail=_FFAB6EFA-115B-4B15-A65C-4A65A7E0C21D" List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Re: py39-certbot-2.6.0,1 Date: Thu, 16 Nov 2023 14:02:39 -0800 In-Reply-To: <173e9c01-1e50-43ce-8acb-22a33f9603d4@gmail.com> Cc: questions@freebsd.org To: TIM KELLERS References: <173e9c01-1e50-43ce-8acb-22a33f9603d4@gmail.com> X-Mailer: Apple Mail (2.3731.700.6) X-Virus-Scanned: clamav-milter 1.1.2 at mail X-Virus-Status: Clean X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:5650, ipnet:47.181.128.0/18, country:US] X-Rspamd-Queue-Id: 4SWYtg2XJ5z4WyH --Apple-Mail=_FFAB6EFA-115B-4B15-A65C-4A65A7E0C21D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Nov 16, 2023, at 13:59, TIM KELLERS wrote: >=20 > I use that certbot, too, and I just do an apachectl stop before = "certbot renew." I also have to stop the pf service because my firewall = doesn't like port 80 traffic, but that's a different use case. >=20 >=20 >=20 > Tim >=20 >=20 >=20 > On 11/16/23 4:34 PM, Doug Hardie wrote: >> I have been using py39-certbot-2.6.0,1 for sometime now without any = issues. However, earlier this month it started generating errors: >>=20 >> Renewing an existing certificate for sermon-archive.info and 5 more = domains >> Failed to renew certificate sermon-archive.info with error: Could not = bind TCP port 80 because it is already in use by another process on this = system (such as a web server). Please stop the program in question and = then try again. >>=20 >> Huh? Of course there is a web server there. That's why I need a = certificate. Anyone know how to fix this issue, or should I switch to = some other LetsEncrypt client? Thanks, >>=20 Stopping the web server is not a viable approach. It is on a production = machine and that would affect my clients. It has never done this in the = years I have been using LetsEncrypt. I don't see any changes in that = port either. -- Doug --Apple-Mail=_FFAB6EFA-115B-4B15-A65C-4A65A7E0C21D Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii
On Nov 16, 2023, at 13:59, TIM KELLERS <trkellers@gmail.com> wrote:

I use that certbot, too, and I just do an apachectl stop before "certbot renew."  I also have to stop the pf service because my firewall doesn't like port 80 traffic, but that's a different use case.


Tim


On 11/16/23 4:34 PM, Doug Hardie wrote:
I have been using py39-certbot-2.6.0,1 for sometime now without any issues.  However, earlier this month it started generating errors:

Renewing an existing certificate for sermon-archive.info and 5 more domains
Failed to renew certificate sermon-archive.info with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.

Huh?  Of course there is a web server there.  That's why I need a certificate.  Anyone know how to fix this issue, or should I switch to some other LetsEncrypt client?  Thanks,


Stopping the web server is not a viable approach.  It is on a production machine and that would affect my clients.  It has never done this in the years I have been using LetsEncrypt.  I don't see any changes in that port either.

-- Doug


--Apple-Mail=_FFAB6EFA-115B-4B15-A65C-4A65A7E0C21D--