httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sweeny, Theo (Chief Customer Office)" <theo.swe...@directlinegroup.co.uk>
Subject Re: [users@httpd] SSL Certs Not Loading
Date Tue, 25 Apr 2017 13:44:27 GMT
I’ve enabled debug log for ssl in the vhosts file like so - 

<IfModule mod_ssl.c> 
    ErrorLog /var/log/apache2/ssl_engine.log 
    LogLevel debug 
  </IfModule>

The output from this log is 

[Fri Apr 21 16:38:35.834335 2017] [ssl:info] [pid 576:tid 140583896000320] AH02200: Loading
certificate & private key of SSL-aware server 'xxx.com:443'
[Fri Apr 21 16:38:35.834528 2017] [ssl:debug] [pid 576:tid 140583896000320] ssl_engine_pphrase.c(506):
AH02249: unencrypted RSA private key - pass phrase not required
[Fri Apr 21 16:38:35.853856 2017] [ssl:info] [pid 576:tid 140583896000320] AH01914: Configuring
server 'xxx.com:443' for SSL protocol
[Fri Apr 21 16:38:35.853973 2017] [ssl:emerg] [pid 576:tid 140583896000320] AH01895: Unable
to configure verify locations for client authentication

> On 25 Apr 2017, at 14:32, Robert Moskowitz <rgm@htt-consult.com> wrote:
> 
> On my Centos system, I would be looking at: /etc/httpd/logs/ssl_error_log for cert errors.
> 
> On 04/25/2017 03:18 PM, Sweeny, Theo (Chief Customer Office) wrote:
>> Hi Robert - the error found in  /content/logs/httpd/error.log
>> 
>> [Fri Apr 21 13:30:00.575781 2017] [ssl:emerg] [pid 97:tid 140688597538624] AH01895:
Unable to configure verify locations for client authentication
>> 
>> I think it is a SSL cert issue, since adding the ssl certs the server has stopped
working.
>> 
>>> On 25 Apr 2017, at 14:11, Robert Moskowitz <rgm@htt-consult.com> wrote:
>>> 
>>> So what does /content/logs/httpd/error.log say?
>>> 
>>> Often a permission problem.
>>> 
>>> On 04/25/2017 02:55 PM, Sweeny, Theo (Chief Customer Office) wrote:
>>>> Hello - I’ve installed new SSL certs on Apache v2.4.3 and for a single
vhost - but the server won’t start.
>>>> 
>>>> The error logs are -
>>>> 
>>>> [Fri Apr 21 13:30:00.575805 2017] [ssl:emerg] [pid 97:tid 140688597538624]
AH02311: Fatal error initialising mod_ssl, exiting. See /content/logs/httpd/error.log for
more information
>>>> 
>>>> [Fri Apr 21 13:30:00.575781 2017] [ssl:emerg] [pid 97:tid 140688597538624]
AH01895: Unable to configure verify locations for client authentication
>>>> 
>>>> Can you offer some pointers?
>>>> 
>>>> Regards,
>>>> 
>>>> Theo
>>>> 
>>>> 
>>>> 
>>>> 
>>>> Direct Line Insurance Group plc. Registered in England & Wales No 02280426.
Registered Office: Churchill Court, Westmoreland Road, Bromley, Kent, BR1 1DP
>>>> 
>>>> This e-mail message is confidential and for use by the addressee only. If
the message is received by anyone other than the addressee, please return the message to the
sender by replying to it and then delete the message from your computer. You should not copy,
print, distribute, disclose or use any part of it. Internet e-mails are not necessarily secure.
By replying to this message you give your consent to our monitoring of your email communications
with us. We do not accept responsibility for changes made to this message after it was sent.
>>>> 
>>>> We cannot accept any liability for viruses transmitted via this email once
it has left our network. We will never send e-mails requesting personal or confidential information.
If you ever receive such an e-mail appearing to come from us, do not reply to it, instead
please contact us immediately.
>>>> 
>>>> ______________________________________________________________________
>>>> This email has been scanned by the Symantec Email Security.cloud service.
>>>> For more information please visit http://www.symanteccloud.com
>>>> ______________________________________________________________________
>>>> 
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>> For additional commands, e-mail: users-help@httpd.apache.org
>>> 
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>> For additional commands, e-mail: users-help@httpd.apache.org
>>> 
>>> 
>>> ______________________________________________________________________
>>> This email has been scanned by the Symantec Email Security.cloud service.
>>> For more information please visit http://www.symanteccloud.com
>>> ______________________________________________________________________
>> 
>> ______________________________________________________________________
>> This email has been scanned by the Symantec Email Security.cloud service.
>> For more information please visit http://www.symanteccloud.com
>> ______________________________________________________________________
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________


______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________
Mime
View raw message