How to renew Let's Encrypt certificate that fails with port error even though Apache is stopped?

Daniel Patriarca asked:

I am trying to renew the Let’s Encrypt certificate for an AWS Ubuntu instance that is running Bitnami Parse-Server for the purpose of being the backend for an iOS app. When the iOS app crashed with the message "Sign on failed, the data couldn't be read because it isn't in the correct format", I assumed that the Let’s Encrypt certificate needed to be renewed, took the following steps, and got the following error:

  1. Stopped my Apache server and parse-server: sudo service apache2 stop; sudo /opt/bitnami/ stop

  2. Ran the Let’s Encrypt tool: sudo /opt/bitnami/bncert-tool

  3. Allowed it to install the newest version and then restarted the tool the same way: sudo /opt/bitnami/bncert-tool

  4. Used the tool to renew the certificate, but after the step where I enter the domain I received this error:

    Error: There has been an error.
    Cannot bind to port 80 and/or 443. These ports are used for Let’s Encrypt to
    verify the domain DNS configuration. Please stop any services using those ports,
    and ensure your system user has permissions to bind to them.

When I searched online for how to address this issue, it seems that stopping Apache fixed any issues for everyone else. How can I renew a certificate using Let’s Encrypt? Is there a way to determine what is causing this binding issue, since it is not the Apache or parse server?

Per a commenter’s request this is the result when I run sudo ss -tnlp:

    $ sudo ss -tnlp
    State       Recv-Q Send-Q           Local Address:Port                          Peer Address:Port              
    LISTEN      0      128                          *:22                                       *:*                   users:(("sshd",pid=1242,fd=3))
    LISTEN      0      128                                            *:*                   users:(("mongod",pid=17958,fd=11))
    LISTEN      0      128                         :::22                                      :::*                   users:(("sshd",pid=1242,fd=4))
    LISTEN      0      128                         :::1337                                    :::*                   users:((".node.bin",pid=18026,fd=10))
    LISTEN      0      128                         :::443                                     :::*                   users:(("httpd.bin",pid=17756,fd=6),("httpd.bin",pid=17667,fd=6),("httpd.bin",pid=17666,fd=6),("httpd.bin",pid=16633,fd=6),("httpd.bin",pid=15776,fd=6),("httpd.bin",pid=15769,fd=6))
    LISTEN      0      128                         :::4040                                    :::*                   users:((".node.bin",pid=18026,fd=11))
    LISTEN      0      128                         :::80                                      :::*                   users:(("httpd.bin",pid=17756,fd=4),("httpd.bin",pid=17667,fd=4),("httpd.bin",pid=17666,fd=4),("httpd.bin",pid=16633,fd=4),("httpd.bin",pid=15776,fd=4),("httpd.bin",pid=15769,fd=4))

My answer:

Looks like your Apache server is still running. (So is your Node app.) You should kill it yourself if the Bitnami scripts failed to stop it.
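
One way to read the ss -tnlp output from the question, as an added shell example that is not part of the original answer or of Bitnami's tooling: it extracts every process listening on port 80 or 443 and can serve as a check before running the renewal tool. The function names and the shortened sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: list which processes hold TCP 80/443 in `ss -tnlp` output.

# Print "port name pid" for every listener on port 80 or 443 (input on stdin).
port_holders() {
    awk '
    $1 == "LISTEN" {
        # Field 4 is Local Address:Port; the port follows the last colon.
        n = split($4, a, ":")
        port = a[n]
        if (port != "80" && port != "443") next
        # users:((...),(...)) names every process sharing the socket.
        rest = $0
        while (match(rest, /\("[^"]+",pid=[0-9]+/)) {
            entry = substr(rest, RSTART + 2, RLENGTH - 2)
            split(entry, kv, "\",pid=")
            print port, kv[1], kv[2]
            rest = substr(rest, RSTART + RLENGTH)
        }
    }'
}

# Succeed only when nothing is listening on 80 or 443 (input on stdin).
ports_free() {
    [ -z "$(port_holders)" ]
}

# Constructed sample, shortened from the ss output in the question.
sample_ss_output() {
    cat <<'EOF'
State   Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN  0      128    *:22     *:*   users:(("sshd",pid=1242,fd=3))
LISTEN  0      128    :::1337  :::*  users:((".node.bin",pid=18026,fd=10))
LISTEN  0      128    :::443   :::*  users:(("httpd.bin",pid=17756,fd=6),("httpd.bin",pid=17667,fd=6))
LISTEN  0      128    :::80    :::*  users:(("httpd.bin",pid=17756,fd=4),("httpd.bin",pid=17667,fd=4))
EOF
}

# On the server: sudo ss -tnlp | port_holders
if sample_ss_output | ports_free; then
    echo "ports 80 and 443 are free"
else
    echo "still listening:"
    sample_ss_output | port_holders
fi
```

In the question's output the listeners on 80 and 443 are httpd.bin processes, which is the still-running Apache the answer refers to.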

View the full question and any other answers on Server Fault.

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.