CentOS - Mar 2010 - cannot start or stop apache due to ssl changes

Apache was working with self signed certificate. We changed the ssl.conf
file to read certicates from godaddy and it it failed to restart because of
incorrecrt parphrase.

bash-3.2# /sbin/service httpd restart

Stopping httpd:                                            [  OK  ]

Starting httpd: Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog) Some of your
private key files are encrypted for security reasons.

In order to read them you have to provide the pass phrases.



Server tt.cs.sb.edu:443 (RSA) Enter pass phrase:

Apache:mod_ssl:Error: Private key not found.

**Stopped


 I then put the original ssl.conf back  (saved the ssl file with go daddy
changes to ssl_gd.conf) but could not stop or start apache and this was the
error

/sbin/service httpd start

Starting httpd: [Thu Mar 18 09:10:32 2010] [warn] module ssl_module is
already loaded, skipping [Thu Mar 18 09:10:32 2010] [warn] NameVirtualHost
*:443 has no VirtualHosts (98)Address already in use: make_sock: could not
bind to address [::]:443 (98)Address already in use: make_sock: could not
bind to address 0.0.0.0:443 no listening sockets available, shutting down
Unable to open logs



I re-generated the self signed certificate keys and restarted the server.

/sbin/service httpd start is looking for ssl_gd.conf and NOT SSL.CONF;
Don't know how this happened?


Starting httpd: Syntax error on line 143 of /etc/httpd/conf.d/ssl_gd.conf:
SSLCertificateFile: file '/etc/sslcertificate/gd.crt' does not exist or
is
empty
                                                           [FAILED]

Can anyone give some pointers to solve this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.centos.org/pipermail/centos/attachments/20100318/d8ede465/attachment-0002.html>

On Thu, Mar 18, 2010 at 10:04 AM, testwreq wreq <testwreq at gmail.com>
wrote:
> Apache was working with self signed certificate. We changed the ssl.conf
> file to read certicates from godaddy and it it failed to restart because of
> incorrecrt parphrase.
>
> bash-3.2# /sbin/service httpd restart
>
> Stopping httpd:??????????????????????????????????????????? [? OK? ]
>
> Starting httpd: Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog) Some of
your
> private key files are encrypted for security reasons.
>
> In order to read them you have to provide the pass phrases.
>
>
>
> Server tt.cs.sb.edu:443 (RSA) Enter pass phrase:
> Apache:mod_ssl:Error: Private key not found.
> **Stopped
Did you swap out both the server.key and server.crt files... and the
references in the config?


> I then put the original ssl.conf back? (saved the ssl file with go daddy
> changes to ssl_gd.conf) but could not stop or start apache and this was the
> error
> I re-generated the self signed certificate keys and restarted the server.
>
> /sbin/service httpd start is looking for ssl_gd.conf and NOT SSL.CONF;
> Don't know how this happened?
>
> Starting httpd: Syntax error on line 143 of /etc/httpd/conf.d/ssl_gd.conf:
> SSLCertificateFile: file '/etc/sslcertificate/gd.crt' does not
exist or is
> empty
> ?????????????????????????????????????????????????????????? [FAILED]
>
> Can anyone give some pointers to solve this?

The default httpd.conf looks for and includes any file with a .conf
extension from /etc/httpd/conf.d/ . If you want it to not load one of
the two configs you're using, make it .bak or something  other than
.conf.


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell

> Apache was working with self signed certificate. We changed the ssl.conf
> file to read certicates from godaddy and it it failed to restart because
> of incorrecrt parphrase.
Passphrase? In which case, you need to get the correct passphrase.
<snip>
>  I then put the original ssl.conf back  (saved the ssl file with go daddy
> changes to ssl_gd.conf) but could not stop or start apache and this was
> the error
>
> /sbin/service httpd start
>
> Starting httpd: [Thu Mar 18 09:10:32 2010] [warn] module ssl_module is
> already loaded, skipping [Thu Mar 18 09:10:32 2010] [warn] NameVirtualHost
> *:443 has no VirtualHosts (98)Address already in use: make_sock: could not
> bind to address [::]:443 (98)Address already in use: make_sock: could not
> bind to address 0.0.0.0:443 no listening sockets available, shutting down
> Unable to open logs
Do you have another instance of apache running? It says that something's
already using this. Also, why is the ssl module loaded twice? Do you have
a module load in a file that is read prior to /etc/httpd/conf.d/ssl.conf?
Remember, they're read alphabetically.
>
> I re-generated the self signed certificate keys and restarted the server.
Why?
>
> /sbin/service httpd start is looking for ssl_gd.conf and NOT SSL.CONF;
> Don't know how this happened?
Because you've got it defined in your configuration files that
way.
>
> Starting httpd: Syntax error on line 143 of /etc/httpd/conf.d/ssl_gd.conf:
> SSLCertificateFile: file '/etc/sslcertificate/gd.crt' does not
exist or is
> empty
You're still trying the godaddy ssl, as well as the self-signed one. And
does that file exist?
>
> Can anyone give some pointers to solve this?
Perhaps you might want to read the apache documentation on their website
for the version of apache you're running; specifically, the ssl page?

          mark