尝试使用certbox获取SSL证书，但命令sudo certbot--apache在ec2实例上失败

，这是我在尝试运行

sudocertbot--apache

我通过ssh访问了我的EC2实例，并成功地运行了本说明第2节和第3节中的所有命令，但现在第4节中的这个命令失败了。以下是输出：

bitnami@ip-172-31-82-209:~/apps/InterSportsGraphs$ sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated)  (Enter 'c' to cancel): bigleaguegraphs.com www.bigleaguegraphs.com
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for bigleaguegraphs.com
http-01 challenge for www.bigleaguegraphs.com
Enabled Apache rewrite module
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

Unable to restart apache using ['apache2ctl', 'graceful']
Cleaning up challenges
Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

Unable to restart apache using ['apache2ctl', 'graceful']
Encountered exception during recovery: 
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2185, in _reload
    util.run_script(self.option("restart_cmd"))
  File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
    raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
    resp = self._solve_challenges(aauthzrs)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 139, in _solve_challenges
    resp = self.auth.perform(all_achalls)
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2287, in perform
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2175, in restart
    self._reload()
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2203, in _reload
    raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2185, in _reload
    util.run_script(self.option("restart_cmd"))
  File "/usr/lib/python3/dist-packages/certbot/util.py", line 86, in run_script
    raise errors.SubprocessError(msg)
certbot.errors.SubprocessError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs


During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 323, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2312, in cleanup
    self.restart()
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2175, in restart
    self._reload()
  File "/usr/lib/python3/dist-packages/certbot_apache/configurator.py", line 2203, in _reload
    raise errors.MisconfigurationError(error)
certbot.errors.MisconfigurationError: Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

Error while running apache2ctl graceful.
httpd not running, trying to start
Action 'graceful' failed.
The Apache error log may have more information.

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs

在整个错误过程中出现的错误消息的内容如下：

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80

任何关于我如何调试它以获得我的网站的SSL证书的指导都将非常好，谢谢！我不是一个网络人，但需要做到这一点，以确保我的网站。请让我知道，如果我可以分享任何addt'l信息，将有助于这一点，或者我应该如何着手解决这一问题的一般。谢谢

编辑：我曾经测试过我的域名bigleaguegraphs.com，但也不太了解这里的输出

编辑2：以下是其他帖子的两个链接：

---

…看起来他们可能和我的帖子有关

从您发布的日志输出和评论中，我们知道您的网站是由node.js而不是Apache提供服务的。 这意味着您只有三个选择：

让Apache工作只是为了获得Let's Encrypt证书。我不推荐这种方法，因为它会很麻烦。Apache将与node.js在使用的端口方面发生冲突，当您解决此问题时，仍然需要将检索到的证书集成到node.js中

您可以直接通过certbot和任何其他服务器（例如node.js）检索证书，而不是使用Apache和

--Apache

标志检索证书。通常，这将涉及使用带有

certonly--webroot

选项的certbot，您需要修改node.js服务器（只需一点点），以便实际使用检索到的证书，并侦听SSL/TLS连接的其他端口。这种方法的一个很好的起点可能是这篇针对node.js和express.js的文章（而express.js是目前node.js最流行的HTTP服务器包，因此您的网站很可能也使用它，或者至少是一个非常类似的包）：
如果您有一个或少数站点希望获得证书，我建议您采用这种方法

与其让我们通过HTTP加密验证您的网站，HTTP总是涉及通过现有服务器（如Apache和带有

--Apache

标志）或任何其他服务器（带有

certonly--webroot

选项）提供质询响应，还可以通过DNS提供这些响应。这也适用于

certonly

选项（您还需要修改node.js，以便像以前的方法一样实际使用证书），但它有点复杂，需要额外的选项，这些选项可能因DNS提供商而异。您可以在上找到流行DNS提供商的文档概述
如果你有更多的网站，如果你想要通配符证书（专业提示：每个DNS提供商都有现成的docker镜像：），我绝对推荐这种方法

---

您正试图使用

--apache

标志运行certbot，但apache无法在计算机上运行（原因是您已经找到的最后一个日志输出）。这让我想知道，当apache无法运行时，您的网站也不能在线？

--apache

标志用于apache服务器向外部世界提供网站服务的用例。然而，您的网站似乎有其他服务，可能来自另一个地方，这是什么/在哪里？谢谢@JeyDWork-我使用

永久部署我的网站。几乎我在ec2实例上运行的唯一命令（除了
cd
）是
sudoforever stopall
停止网站，
gitpull
获取网站的最新代码，然后如果需要，我在ec2实例上安装新包，然后
sudo NODE\u ENV=prod forever start index.js
重新部署网站。好的，因此它是由NODE.js而不是apache提供服务的。这意味着使用
certbot--apache
，您完全走错了方向。您可能只需要使用apache获取证书就可以让apache工作，但这会很麻烦，然后您仍然需要将证书集成到node.js中（取决于您在这里使用的可能是express.js）。所以我推荐另一种certbot方法。要么基于DNS（请参阅），要么直接与node.js/express.js（第一次谷歌点击：）一起工作。@JeyDWork将所有这些结合到一个答案中，而不是一条评论，我会给你奖金。非常有用的东西，谢谢。当我试图实施你的建议时，我会给出更详细的答复。到期前没有分配赏金，所以我创建了一个新的赏金，并将在允许时分配！如果您选择了特定的方法并有其他问题，请告诉我。目前很难回答更详细的问题，因为每种方法都有很多可能性，而且还有一些未知的事实。如果您选择2或3，我建议您可能会遇到如何集成证书的问题。因此，我们需要知道您当前的node.js网站是否使用express.js。查找
require（'express'）
。如果它不在那里，您的项目就不使用它，在这种情况下，请查找
require（'http'）
。这些可能会指示集成证书的位置。