The mailing list for listmasters using Sympa

[Matthew Caron <address@concealed>]

I had a slightly different problem (Apache fighting over ports with 
certbot) and my solution might work for you...

1.) Stop Apache
2.) Get the certs by running certbot in standalone mode.
3.) Configure Apache to use the cert.
4.) Start Apache

At night, something like 1AM, I drop Apache really quickly, run the 
renew, then start it again. My server is low volume enough and users are 
mostly centralized on the US east coast that no one cares.

Perhaps this will work for you and allow you to sidestep the problem? 
It's a cheat, but I'm lazy and only care when caring is justified.

On 3/22/21 9:44 AM, Luis Manzi wrote:
> Hi Guys,
>
> I’ve already have sympa up & running. But I would like to know if you 
> can give me a hand to apply ssl cert for sympa web access.
>
> On sympa.conf file I added my url as https://mydomain.com/sympa 
> <https://mydomain.com/sympa>
>
> I’m working on linux centos 7 + apache + fastcgi , then I have this file 
> for web access
>
> /etc/httpd/conf.d/sympa.conf
>
> So this is the setting on this file:
>
> ### Apache httpd 2.4 configuration for Sympa
>
> ##
>
> ## Note: As of 6.2.35-0.1.b.1, mod_proxy_fcgi was adopted instead of 
> mod_fcgid.
>
> ## * You have to edit /etc/sysconfig/sympa as described in it.
>
> ## * Then, you have to run separate fastCGI services wwsympa and/or 
> sympasoap:
>
> ##   systemctl start wwsympa
>
> ##   systemctl start sympasoap
>
> ## Definition of Sympa FastCGI server.
>
> <IfModule mod_proxy_fcgi.c>
>
>      # If you changed wwsympa_url in sympa.conf, change this path too.
>
>      <Location /sympa>
>
>          SetHandler "proxy:unix:/var/run/sympa/wwsympa.socket|fcgi://"
>
>          # Don't forget to edit lines below!
>
>          Require local
>
>          Require all granted
>
>      </Location>
>
> #    # You may uncomment following lines to enable SympaSOAP feature.
>
> #    <Location /sympasoap>
>
> #        SetHandler "proxy:unix:/var/run/sympa/sympasoap.socket|fcgi://"
>
> #        # Don't forget to edit lines below!
>
> #        Require local
>
> #        #Require all granted
>
> #    </Location>
>
> </IfModule>
>
> ## Other static contents
>
> <Location /static-sympa>
>
>      Require all granted
>
> </Location>
>
> Alias /static-sympa/css /var/lib/sympa/css
>
> Alias /static-sympa/pictures /var/lib/sympa/pictures
>
> Alias /static-sympa /usr/share/sympa/static_content
>
> ## If your host is dedicated to Sympa:
>
> RewriteEngine on
>
> RewriteRule ^/?$ /sympa [R=301]
>
> I’m trying to install letsencrypt certbot but seems like it cannot find 
> mydomain.com configuration:
>
> Unable to find a virtual host listening on port 80 which is currently 
> needed for Certbot to prove to the CA that you control your domain. 
> Please add a virtual host for port 80.
>
> So I’m not sure where should I add virtualhost settings and how can it 
> impact in current configuration.
>
> I will appreciate any idea 😊
>
> Thanks!
>
> Luis

--
“To compel a man to furnish funds for the propagation of
ideas he disbelieves and abhors is sinful and tyrannical.”
    -- Thomas Jefferson
==
PGP Key: http://www.mattcaron.net/pgp_key.txt
 ~~ Matt Caron ~~