Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: https for apache2 on opensuse, not starting |
|
| Author |
|
bghayad
Joined: 26 May 2013
Posts: 5
Location: Kuwait
|
 Posted: Sun 26 May '13 10:14 Post subject: https for apache2 on opensuse, not starting |
 |
|
Hello;
I am facing a problem to enable the https with the apache2, I feel it is related to the certificate as I am creating a dummy certificate, but until now I am not able to know the reason, kindly find below my data and configuration for the opensuse machine:
ANASKW:~ # cat /etc/SuSE-release
openSUSE 12.1 (x86_64)
VERSION = 12.1
CODENAME = Asparagus
vi /var/log/apache2/error.log
[Sat May 25 23:37:26 2013] [info] Init: Seeding PRNG with 144 bytes of entropy
[Sat May 25 23:37:26 2013] [info] Loading certificate & private key of SSL-aware server
[Sat May 25 23:37:26 2013] [debug] ssl_engine_pphrase.c(470): unencrypted RSA private key - pass phrase not required
[Sat May 25 23:37:26 2013] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Sat May 25 23:37:26 2013] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Sat May 25 23:37:26 2013] [info] Init: Initializing (virtual) servers for SSL
[Sat May 25 23:37:26 2013] [info] Configuring server for SSL protocol
[Sat May 25 23:37:26 2013] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: TLSv1)
[Sat May 25 23:37:26 2013] [debug] ssl_engine_init.c(666): Configuring permitted SSL ciphers [ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH]
[Sat May 25 23:37:26 2013] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
[Sat May 25 23:37:26 2013] [debug] ssl_engine_init.c(797): Configuring RSA server certificate
[Sat May 25 23:37:26 2013] [debug] ssl_engine_init.c(836): Configuring RSA server private key
[Sat May 25 23:37:26 2013] [info] mod_ssl/2.2.21 compiled against Server: Apache/2.2.21, Library: OpenSSL/1.0.0k
ANASKW:/var/log/apache2 # rcapache2 restart
redirecting to systemctl
Job failed. See system logs and 'systemctl status' for details.
ANASKW:/var/log/apache2 # systemctl status apache2.service
apache2.service - apache
Loaded: loaded (/lib/systemd/system/apache2.service; enabled)
Active: failed since Sat, 25 May 2013 23:44:32 +0300; 36s ago
Process: 27659 ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -k start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/apache2.service
vi /etc/apache2/listen.conf
Listen 443
Listen 80
vi /etc/apache2/vhosts.d/vhost-ssl.conf
<VirtualHost _default_:443>
# <VirtualHost *:443>
<VirtualHost _default_:443>
# <VirtualHost *:443>
# General setup for the virtual host
DocumentRoot "/srv/www/htdocs"
ServerName 192.168.0.5:443
ServerAdmin webmaster@anas.com
ErrorLog /var/log/apache2/error_log
TransferLog /var/log/apache2/access_log
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
The certificate was generated using the following command:
gensslcert -c KW -s Farwaneyyah -o anas -e webmaster@anas.com -n 192.168.0.5
subject=/C=KW/ST=Farwaneyyah/L=unknown/O=anas/OU=web server/CN=192.168.0.5/emailAddress=webmaster@anas.com
About the /etc/sysconfig/apache2, the ssl existed in the APACHE_MODULES and the APACHE_SERVER_FLAGS and I tried APACHE_SERVER_FLAGS="-D SSL" and I tried APACHE_SERVER_FLAGS="SSL" but no luck
What is the wrong thing that I have? I feel it is related to the certificate .. but what it could be?
Regards
Bilal |
|
| Back to top |
|
bghayad
Joined: 26 May 2013
Posts: 5
Location: Kuwait
|
| Posted: Sun 26 May '13 13:07 Post subject: |
|
|
Now I used:
openssl genrsa -des3 -out server.key -rand randomfile
and
openssl req -new -x509 -key server.key -out server.crt
And I placed the ServerName anaskw:443 and I used this name (anaskw) to create the crt file.
Now, when I am typing rcapache2 restart, I am getting the following:
anaskw:/etc/apache2/vhosts.d # rcapache2 restart
redirecting to systemctl
Enter SSL pass phrase for anaskw:443 (RSA): *********
Job failed. See system logs and 'systemctl status' for details.
And the logs is:
vi /var/log/apache2/error_log:
[Sun May 26 14:05:58 2013] [info] Init: Seeding PRNG with 144 bytes of entropy
[Sun May 26 14:05:58 2013] [info] Loading certificate & private key of SSL-aware server
[Sun May 26 14:05:58 2013] [info] Init: Requesting pass phrase from dialog filter program (/usr/sbin/apache2-systemd-ask-pass)
[Sun May 26 14:06:01 2013] [debug] ssl_engine_pphrase.c(476): encrypted RSA private key - pass phrase requested
[Sun May 26 14:06:01 2013] [info] Loading certificate & private key of SSL-aware server
[Sun May 26 14:06:01 2013] [info] anaskw:443 reusing existing RSA private key on restart
[Sun May 26 14:06:01 2013] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Sun May 26 14:06:01 2013] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Sun May 26 14:06:01 2013] [info] Init: Initializing (virtual) servers for SSL
[Sun May 26 14:06:01 2013] [info] Configuring server for SSL protocol
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1)
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(666): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(797): Configuring RSA server certificate
[Sun May 26 14:06:01 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(836): Configuring RSA server private key
[Sun May 26 14:06:01 2013] [info] Configuring server for SSL protocol
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: TLSv1)
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(666): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(797): Configuring RSA server certificate
[Sun May 26 14:06:01 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun May 26 14:06:01 2013] [debug] ssl_engine_init.c(836): Configuring RSA server private key
[Sun May 26 14:06:01 2013] [info] mod_ssl/2.2.21 compiled against Server: Apache/2.2.21, Library: OpenSSL/1.0.0k
What I have to do?
Really I got to be very tired.
Regards
Bilal |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7443
Location: EU, Germany, Next to Hamburg
|
| Posted: Tue 28 May '13 23:10 Post subject: |
|
|
| The part from the log why apache isn't starting is missing. Maybe you can post the whole log at pastebin com and post here the link to it. |
|
| Back to top |
|
|
|
|
|
|
