macOS Apache error


#1

My domain is: spartn.com

Although I have about 10 domains total on the server. spartn.com is the ServerName as listed in httpd.conf.

I ran this command: sudo apachectl start

It produced this output:

[Sat May 19 04:13:58.463006 2018] [ssl:emerg] [pid 11959] AH02572: Failed to configure at least one certificate and key for spartn.com:443
[Sat May 19 04:13:58.463406 2018] [ssl:emerg] [pid 11959] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned
[Sat May 19 04:13:58.463416 2018] [ssl:emerg] [pid 11959] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed

My web server is (include version): Apache (installed using Brew)

The operating system my web server runs on is (include version): Mac OS High Sierra 10.13.3

My hosting provider, if applicable, is: self-hosted macmini

I can login to a root shell on my machine (yes or no, or I don’t know): yes

sudo ls -l /etc/letsencrypt/live/spartn.com produces:

total 40
-rwxr-xr-x  1 root  wheel  682 May 18 11:21 README
lrwxr-xr-x  1 root  wheel   34 May 18 11:21 cert.pem -> ../../archive/spartn.com/cert1.pem
lrwxr-xr-x  1 root  wheel   35 May 18 11:21 chain.pem -> ../../archive/spartn.com/chain1.pem
lrwxr-xr-x  1 root  wheel   39 May 18 11:21 fullchain.pem -> ../../archive/spartn.com/fullchain1.pem
lrwxr-xr-x  1 root  wheel   37 May 18 11:21 privkey.pem -> ../../archive/spartn.com/privkey1.pem

the apache user:group in httpd.conf is pipper:staff, if that matters.

I’m stumped. The server runs fine without SSL enabled.

Thanks

Dennis


#3

Hi @dennispipper,

Could you post the Apache configuration file for this virtual host? It might be missing one or more lines that should be pointing at these PEM files.


#4

Please show:
grep -Eri 'ServerName|ServerAlias' /etc/apache2
or (depending on your version of Apache)
grep -Eri 'ServerName|ServerAlias' /etc/httpd/


#5

@schoen here is the vhosts file for this domain, all the domains on the server look pretty much the same, though.

<VirtualHost *:80>
    DocumentRoot /Users/pipper/Sites/Default
    ServerName spartn.com
    ServerAlias www.spartn.com
     ErrorLog /usr/local/var/log/httpd/error_log
    CustomLog /usr/local/var/log/httpd/access_log common
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /Users/pipper/Sites/Default
    ServerName spartn.com
     ServerAlias www.spartn.com
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/spartn.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/spartn.com/privkey.pem
</VirtualHost>

#6

@rg305 here is what I have:

spartn:~ pipper$ grep -Eri 'ServerName|ServerAlias' /usr/local/bin/httpd
Binary file /usr/local/bin/httpd matches

#7

grep through the folder that has the vhost config file(s).

What folder are they in?


#8

The vhosts files are in the /usr/local/etc/httpd/extra/vhosts. The vhosts file can be read, because the sites load on port 80 without the Include statement for the httpd-ssl in the httpd.conf


#9

Please show:
grep -Eri 'ServerName|ServerAlias|VirtualHost|Listen' /usr/local/etc/httpd/extra


#10

It returned quote a few lines, so I’ve put it in a text file in the “cloud”:

https://cl.ly/rhzB


#11

Ok, please post the contents of these blocks:

/usr/local/etc/httpd/extra/httpd-ssl.conf:<VirtualHost _default_:443>
/usr/local/etc/httpd/extra/httpd-ssl.conf:</VirtualHost>

/usr/local/etc/httpd/extra/httpd-vhosts.conf:<VirtualHost *:80>
/usr/local/etc/httpd/extra/httpd-vhosts.conf: ServerName spartn.com
/usr/local/etc/httpd/extra/httpd-vhosts.conf: ServerAlias www.spartn.com
/usr/local/etc/httpd/extra/httpd-vhosts.conf:</VirtualHost>

/usr/local/etc/httpd/extra/vhosts/_default.conf:<VirtualHost *:80>
/usr/local/etc/httpd/extra/vhosts/_default.conf: ServerName spartn.com
/usr/local/etc/httpd/extra/vhosts/_default.conf: ServerAlias www.spartn.com
/usr/local/etc/httpd/extra/vhosts/_default.conf:</VirtualHost>

and the contents of this file:
/usr/local/etc/httpd/extra/vhosts/spartn.com.conf

and also this output:
grep -Ri include /usr/local/etc/httpd/


#12

In a number of other threads, an Apache VirtualHost _default:443 has turned out to be the problem somehow (for example maybe here it doesn’t have a certificate assigned in that virtual host?).


#13

Yes, I’m also leaning in that direction.
Just a bit more methodically and ever so deliberate in showing why we decided to look there.


#14

Included in this link: https://cl.ly/rhGu


#15

I can’t find any overlap…….


#16

I don’t understand the _default_ thing very well, but it seemed like some other users solved their problems by completely commenting out a _default_ virtual host.


#17

@schoen @rg305 removing the _default did it! Everything works like a champ now

Thank you for your help. I am very grateful

Dennis


#18

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.