Apache not starting log error below

kkuti

New member
Joined
Jul 23, 2017
Messages
4
I deleted a user which was quite routine. Apache has refused to start and the errors generated from /var/log/httpd/error.log
Fatal error initialising mod_ssl, exiting. See /var/log/httpd/domains/xxxxxx.com.error.log for more information
AH00016: Configuration Failed

Proceeded to check the logs for that domain and got the following message

ssl:emerg] [pid 3603:tid 34405905408] AH02231: No SSL protocols available [hint: SSLProtocol]

Then tried to renew the domain certificates with the LetsEncrypt tool from the command line, it generated the error below

Requesting new certificate order...
Processing authorization for www.xxxxx.com...
Error: http://www.xxxxx.com/.well-known/acme-challenge/letsencrypt_1559826591 is not reachable. Aborting the script.
dig output for www.xxxxx.com:
xxx.236.xxx.xxx
Please make sure /.well-known alias is setup in WWW server.

Tried also used custombuild to rebuild Apapche, PHP and rewrite_confs.....................No joy

the httpd-alias.conf fine seems fine with the well-known alias line included...........PLEASE HELP
 

kkuti

New member
Joined
Jul 23, 2017
Messages
4
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/admin/domains/sharedip] does not exist
AH00112: Warning: DocumentRoot [/home/xxxx/domains/xxxx.com/public_html/lagos] does not exist
AH00112: Warning: DocumentRoot [/home/xxxx/domains/xxxxx.com/private_html/lagos] does not exist
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_dbm_module (static)
authn_anon_module (static)
authn_dbd_module (static)
authn_socache_module (static)
authn_core_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_dbm_module (static)
authz_owner_module (static)
authz_dbd_module (static)
authz_core_module (static)
access_compat_module (static)
auth_basic_module (static)
auth_form_module (static)
auth_digest_module (static)
allowmethods_module (static)
file_cache_module (static)
cache_module (static)
cache_disk_module (static)
cache_socache_module (static)
socache_shmcb_module (static)
socache_dbm_module (static)
socache_memcache_module (static)
socache_redis_module (static)
so_module (static)
watchdog_module (static)
macro_module (static)
dbd_module (static)
dumpio_module (static)
buffer_module (static)
ratelimit_module (static)
reqtimeout_module (static)
ext_filter_module (static)
request_module (static)
include_module (static)
filter_module (static)
substitute_module (static)
sed_module (static)
deflate_module (static)
http_module (static)
mime_module (static)
log_config_module (static)
log_debug_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
unique_id_module (static)
setenvif_module (static)
version_module (static)
remoteip_module (static)
proxy_module (static)
proxy_connect_module (static)
proxy_ftp_module (static)
proxy_http_module (static)
proxy_fcgi_module (static)
proxy_scgi_module (static)
proxy_uwsgi_module (static)
proxy_fdpass_module (static)
proxy_wstunnel_module (static)
proxy_ajp_module (static)
proxy_balancer_module (static)
proxy_express_module (static)
proxy_hcheck_module (static)
session_module (static)
session_cookie_module (static)
session_dbd_module (static)
slotmem_shm_module (static)
ssl_module (static)
http2_module (static)
lbmethod_byrequests_module (static)
lbmethod_bytraffic_module (static)
lbmethod_bybusyness_module (static)
lbmethod_heartbeat_module (static)
unixd_module (static)
dav_module (static)
status_module (static)
autoindex_module (static)
info_module (static)
suexec_module (static)
cgi_module (static)
dav_fs_module (static)
dav_lock_module (static)
vhost_alias_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
speling_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
mpm_event_module (shared)
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,900
Location
GMT +7.00
and this one:

Code:
grep SSLProtocol /etc/httpd/conf/extra/httpd-ssl.conf /usr/local/directadmin/custombuild/configure/ap2/conf/extra/httpd-ssl.conf /usr/local/directadmin/custombuild/configure/ap2/custom/extra/httpd-ssl.conf
 

kkuti

New member
Joined
Jul 23, 2017
Messages
4
/etc/httpd/conf/extra/httpd-ssl.conf:SSLProtocol All -SSLv2 -SSLv3 -TLSv1
/usr/local/directadmin/custombuild/configure/ap2/conf/extra/httpd-ssl.conf:SSLProtocol All -SSLv2 -SSLv3 -TLSv1
grep: /usr/local/directadmin/custombuild/configure/ap2/custom/extra/httpd-ssl.conf: No such file or directory

*** The last folder /usr/local/directadmin/custombuild/configure/ap2/custom does not exist

Thanx very much for your assistance so far
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,900
Location
GMT +7.00
and this once more:

Code:
grep -R SSLProtocol /usr/local/directadmin/data/users/*/httpd.conf /usr/local/directadmin/data/templates/custom/virtual_host2*.conf /etc/httpd/conf/
Code:
openssl version
and what OS is that?
 

kkuti

New member
Joined
Jul 23, 2017
Messages
4
/etc/httpd/conf/extra/httpd-ssl.conf:SSLProtocol All -SSLv2 -SSLv3 -TLSv1
/etc/httpd/conf/extra/xhttpd-ssl.conf:SSLProtocol All -SSLv2 -SSLv3 -TLSv1
/etc/httpd/conf/original/extra/httpd-ssl.conf:SSLProtocol all -SSLv3

**** Openssl version 0.9.8za
**** OS is FreeBSD 9.3
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,900
Location
GMT +7.00
Your server's OS version is too old. You need to upgrade the OS, meanwhile you might try and enable TLSv1 back:

Code:
mkdir -p [COLOR=#333333]/usr/local/directadmin/custombuild/configure/ap2/custom/extra/
cp [/COLOR][COLOR=#333333]/usr/local/directadmin/custombuild/configure/ap2/conf/extra/httpd-ssl.conf [/COLOR][COLOR=#333333]/usr/local/directadmin/custombuild/configure/ap2/custom/extra/httpd-ssl.conf
perl -pi -e 's#[/COLOR][COLOR=#333333]SSLProtocol.*#[/COLOR][COLOR=#333333]SSLProtocol All -SSLv2 -SSLv3#[/COLOR][COLOR=#333333]' [/COLOR][COLOR=#333333]/usr/local/directadmin/custombuild/configure/ap2/custom/extra/httpd-ssl.conf
cd [/COLOR][COLOR=#333333]/usr/local/directadmin/custombuild/
./build rewrite_confs[/COLOR]
 

wattie

Verified User
Joined
May 31, 2008
Messages
997
Location
Bulgaria
OpenSSL 0.9.8* do NOT support TLS v1.1 and v1.2. Your Apache config is more modern and it disables TLS 1.0 and all SSL versions. Therefore it leaves no TLS/SSL support available for httpd at all.

What you should do is to enable support for TLS 1.0 like zEitEr said.

And yes, you should consider upgrading your system. FreeBSD is usually easy to upgrade with the freebsd-upgrade utility. I was able to up a server from 7.0 to 11.2 before few months with no major issues (I had to recompile all ports and remove few deprecated things from some configs to reduce error messages in the console but it was overall flawless).
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,900
Location
GMT +7.00
The server has already been upgraded to FreeBSD 11.2, and now it runs Apache with newer TLS versions.
 
Top