logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Mod_md :: issue when adding one MDomain

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
jasch



Joined: 11 Apr 2008
Posts: 7

PostPosted: Fri 30 Nov '18 4:40    Post subject: Mod_md :: issue when adding one MDomain Reply with quote

Split from www.apachelounge.com/viewtopic.php?t=7786

Apologies in advance, if this is not the place to post (makes me wonder, how this wonderful directive has no comments at all from nobody in one year).

I've been using this directive for months without any troubles, until last night. Adding one MDomain directive for one domain causes Apache to not start up at all.

If I add MDomains readcts.com apache will not start. Remove the line, everything works.

Here's the relevant log, if somebody might be able to help.

https://www.dropbox.com/s/26w2f4m40b217io/md.txt?dl=0

The error seems to be, md{readcts.com}: incomplete, without private key
Back to top
DnvrSysEngr



Joined: 15 Apr 2012
Posts: 186
Location: Denver, CO USA

PostPosted: Fri 30 Nov '18 18:35    Post subject: Reply with quote

Something to try:

Rename the folder that you have the command pointed to.

For example, in my .conf file, I have mine pointed to a folder named ManagedDomains. Rename that folder, and then see if Apache starts. If successful, the folder should be recreated and the certs should be recreated/updated.
Back to top
jasch



Joined: 11 Apr 2008
Posts: 7

PostPosted: Sat 08 Dec '18 6:01    Post subject: Reply with quote

Well, I am using the default directory "MD". I tried adding a new domain, and again Apache crashed when starting up.

I have another (exact configuracion) server, and I moved a domain from that server, to this one, copied, the Certificates from MD, and it started up perfectly.

It seems the problem is generating new Certs....
Back to top
jasch



Joined: 11 Apr 2008
Posts: 7

PostPosted: Sat 08 Dec '18 16:40    Post subject: Reply with quote

This is the log from the new domain:

Code:
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(1012): AH10070: initializing post config dry run
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(357): AH10037: server seems reachable via http: (port 80->80) and reachable via https: (port 443->443)
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(219): AH10041: Server galeria11-12.com:0 matches md galeria11-12.com (config galeria11-12.com[default, default])
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(249): AH10043: Managed Domain galeria11-12.com applies to vhost galeria11-12.com:0
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(280): AH10044: galeria11-12.com: added contact mailto:admin@conexion.cr
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(389): AH10039: Completed MD[galeria11-12.com, CA=https://acme-v01.api.letsencrypt.org/directory, Proto=ACME, Agreement=https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf, Drive=1, renew=2134720512]
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] md_reg.c(706): sync: found 1 mds in store
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(793): galeria11-12.com: update renew norm=2109194240, window=2134720512
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(192): md{galeria11-12.com}: incomplete, without private key
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(488): update md galeria11-12.com
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(192): md{galeria11-12.com}: incomplete, without private key
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(830): md galeria11-12.com updated
[Sat Dec 08 08:27:44.363401 2018] [ssl:emerg] [pid 2564:tid 364] AH01903: Failed to configure CA certificate chain!
[Sat Dec 08 08:27:44.379001 2018] [ssl:emerg] [pid 2564:tid 364] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed
Back to top
DnvrSysEngr



Joined: 15 Apr 2012
Posts: 186
Location: Denver, CO USA

PostPosted: Sat 08 Dec '18 19:50    Post subject: Reply with quote

Do you have a .well-known directory? --- which is where the acme challenge directory resides as well.

You mentioned you copied this from an existing WEB server? You many need to rerun letsencrypt to get it to once again set up the configuration.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1