How to add lets encrypt certificate in centos 7 for http/2?

Question

I have followed the below link for enabling http/2 in centos-7 apache. https://www.tunetheweb.com/performance/http2/

Apache version : 2.4.27

My openssl version :

# openssl version
OpenSSL 1.1.0f  25 May 2017

I need to add https certificate to that domain to check the http/2 process in the browser.

While i'm trying to add the certificate using lets encrypt it reports as :

#sudo  certbot --apache
We were unable to find a vhost with a ServerName or Address of xxx.yyy.com.
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)
-------------------------------------------------------------------------------
1: ssl.conf                       |                       | HTTPS | Enabled
-------------------------------------------------------------------------------
Press 1 [enter] to confirm the selection (press 'c' to cancel): 1
Error while running apachectl graceful.
Job for httpd.service invalid.
Cleaning up challenges
Error while running apachectl graceful.
Job for httpd.service invalid.
Encountered exception during recovery
Error while running apachectl graceful.
Job for httpd.service invalid.
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/certbot/error_handler.py", line 99, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 284, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/usr/lib/python2.7/site-packages/certbot_apache/configurator.py", line 1908, in cleanup
    self.restart()
  File "/usr/lib/python2.7/site-packages/certbot_apache/configurator.py", line 1797, in restart
    self._reload()
  File "/usr/lib/python2.7/site-packages/certbot_apache/configurator.py", line 1808, in _reload
    raise errors.MisconfigurationError(str(err))
MisconfigurationError: Error while running apachectl graceful.
Job for httpd.service invalid.
Error while running apachectl graceful.
Job for httpd.service invalid.

While following the lets encrypt certificate adding process,

 #yum install certbot-apache

Installing:
 python2-certbot-apache                           noarch                           0.14.1-1.el7                                        epel                              144 k
Installing for dependencies:
 httpd                                            x86_64                           2.4.6-45.el7.centos.4                               updates                           2.7 M
 mod_ssl                                          x86_64                           1:2.4.6-45.el7.centos.4                             updates                           105 k

It is adding these packages. so http-2.4.6 and 2.4.27 both were present in the server.

Answer 1

I think I can get you one step closer. Try this:

certbot --authenticator standalone --installer apache --pre-hook "systemctl stop httpd" --post-hook "systemctl start httpd"

also, check the status of apache before trying the above... systemctl status httpd . If it is down and will not start, find the zombie threads ( ps -ef|grep httpd ) and kill them. (or reboot).