Hi,
Can I get some assistance please.
Have installed LE v1 and v2 on a few testing environment in the last few months.
Am looking at installing V2 wildcard cert on a new Centos 7 with Apache testing environment.
Am still in early config stages and not clear why the error.
This is a new Server on our private cloud environment were we have a few other servers configured VMware.
Currently have one Vhost site on this server that displays a basic message where site is connected to via http through a basic HTML file.
Am looking at inserting the four lines of LE references in the main httpd.conf file at /etc/httpd/conf/httpd.conf
the certs are for wildcard domain for this server so do not want to insert in each Vhost conf file.
A scan of the ports shows they are open for 80 and 443.
When I advance to the next step of getting Certs and https started, the apache server throws an error and won’t start at all.
If I remove cert references, basic httpd starts for port 80 access.
Selluix is set to permissive mode, has not matter if enforced or permissive…
This is the output from the /var/log/httpd/error.log
[Fri Apr 13 08:23:35.409940 2018] [core:notice] [pid 1586] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Fri Apr 13 08:23:35.412496 2018] [suexec:notice] [pid 1586] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Apr 13 08:23:35.415993 2018] [ssl:emerg] [pid 1586] AH02311: Fatal error initialising mod_ssl, exiting. See /home/sites/www/logs/error.log for more information
The error log for the last line states “/home/sites/www/logs/error.log”
These are the errors in that file
[Fri Apr 13 08:23:35.415748 2018] [ssl:warn] [pid 1586] AH01909: RSA certificate configured for example.com:443 does NOT include an ID which matches the server name
[Fri Apr 13 08:23:35.415979 2018] [ssl:emerg] [pid 1586] AH01892: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.)
For the last error “…SSLEngine On should go in the VirtualHost, not in global scope…” have made the change in file /etc/httpd/conf.d/ssl.conf
Turned off SSLEngine
#SSLEngine on
SSLEngine off
In the Vhost conf files I have included SSLEngine On
This is how the vhost httpd.conf is constructed
<VirtualHost *:80>
> ServerAdmin name@exampleweb.com
> ServerName example.com
> ServerAlias www.example.com
>
> DocumentRoot /home/sites/www/public_html
>
> ErrorLog /home/sites/www/logs/error.log
> CustomLog /home/sites/www/logs/access.log combinedio
>
> <Directory /home/Sites/www/public_html>
> DirectoryIndex index.html
> Options -Indexes +FollowSymLinks +Includes
> AllowOverride All
> Order allow,deny
> Allow from All
> Require all granted
> </Directory>
>
> </VirtualHost>
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
> SSLEngine on
>
> ServerAdmin name@exampleweb.com
> ServerName example.com
> ServerAlias www.example.com
>
> ErrorLog /home/sites/www/logs/error.log
> CustomLog /home/sites/www/logs/access.log combinedio
> ErrorLog /home/sites/www/logs/error_ssl.log
>
> DocumentRoot /home/sites/www/public_html
> <Directory /home/sites/www/public_html>
> DirectoryIndex index.html
> Options -Indexes +FollowSymLinks +Includes
> AllowOverride All
> Order allow,deny
> Allow from All
> Require all granted
> </Directory>
> </VirtualHost>
> </IfModule>
Any help would be appreciated. Thanks in Advance.