Apache cannot start

K

kimbo

Verified User
Joined
Apr 23, 2013
Messages
57
on 10th of Jan I renewed a certificate for my main domain and also DA control panel, which was functioning fine. Even after restarting httpd.
Since today httpd stopped working and I have no clue what the issue can be.

Only find this:

Httpd error log: AH00016: Configuration Failed

httpd.service - The Apache HTTP Server
Loaded: loaded (/etc/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2022-01-12 22:27:10 CET; 10s ago
Process: 17081 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 17081 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."

Jan 12 22:27:10 websrv01.mydomain.net systemd[1]: Starting The Apache HTTP Server...
Jan 12 22:27:10 websrv01.mydomain.net systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jan 12 22:27:10 websrv01.mydomain.net systemd[1]: Failed to start The Apache HTTP Server.
Jan 12 22:27:10 websrv01.mydomain.net systemd[1]: Unit httpd.service entered failed state.
Jan 12 22:27:10 websrv01.mydomain.net systemd[1]: httpd.service failed.
Click to expand...
 
Code: 
cd /usr/local/directadmin/custombuild
./build update
./build php
./build apache
./build rewrite_confs
 
cd /usr/local/directadmin/custombuild
./build update
./build php
./build apache
./build rewrite_confs

still its not working then check this

systemctl restart httpd.service and then check the journel -xe
 
What is your server OS?
Did you tried to reissue an new certificate ?

EDIT:
what is the output of tail -f /var/log/httpd/error_log and tail -f /var/log/httpd/domains/domain.com.error.log (change domain.com with your own)
 
httpd error log gives now something new:
[Wed Jan 12 23:08:06.417355 2022] [ssl:emerg] [pid 25279:tid 140546957641856] AH02565: Certificate and private key localhost:443:0 from /etc/httpd/conf/ssl.crt/server.crt.combined and /etc/httpd/conf/ssl.key/server.key do not match
AH00016: Configuration Failed
Click to expand...
No other error, no existing.

In the meantime I was running the suggested rebuilds by hmaddy and the last one for apache did the job:
Installing man pages and online manual
make[1]: Leaving directory `/usr/local/directadmin/custombuild/httpd-2.4.51'
Restoring certificate and key, and turning on httpd for DirectAdmins's check.
Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set.
Enabling httpd in systemd...
Checking to ensure /etc/httpd/conf/ssl.crt/server.ca is set.
Using 185.224.88.76 for your server IP
Restarting apache.
Click to expand...

I believe I still need to generate a new certificate for the server domain:
[Wed Jan 12 23:18:16.964735 2022] [ssl:warn] [pid 29444:tid 140474909522048] AH01906: localhost:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 12 23:18:16.964769 2022] [ssl:warn] [pid 29444:tid 140474909522048] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Wed Jan 12 23:18:16.965530 2022] [ssl:warn] [pid 29444:tid 140474909522048] AH01906: www.example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 12 23:18:16.965549 2022] [ssl:warn] [pid 29444:tid 140474909522048] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
Click to expand...
 
Active8 said:
Was by me :) but no problem, glad you have solved that part

That was mine second suggestion, did you generate an new certificate ?
Click to expand...
Haha true you were 2mins before.. small screen on my tablet PC :) Thanks anyway!

Certificate I still need to generate... self signed or letsencrypt? :)
 
I had the exact same problem when I renewed my certificate. It was working great in DirectAdmin, but Apache crashed on it. I can confirm that reinstalling Apache worked (WTF?)

/var/log/httpd/error_log:
Code: 
[Mon Jan 17 16:39:06.534010 2022] [ssl:emerg] [pid 30121] AH02565: Certificate and private key server0.example.com:443:0 from /etc/httpd/conf/ssl.crt/server.crt and /etc/httpd/conf/ssl.key/server.key do not match
AH00016: Configuration Failed

I verified using OpenSSL that the certificate and private key were in fact a match. To check this, you can use the following two commands, which should give the same output.

Code: 
openssl rsa -in /etc/httpd/conf/ssl.key/server.key -noout -modulus
openssl x509 -in /etc/httpd/conf/ssl.crt/server.crt -noout -modulus

Rebuilding Apache as in this post solved the problem, I never expected that to work, so thank you :)
 
You must log in or register to reply here.
Back
Top