SSLCertificateFile: file '/private/etc/apache2/server.crt' does not exist or is empty


Remove your redirect http -> https (add #), then check, if port 80 works.


…back, no change, fyi shows "It works" [default apache page]
localhost refuses to connect

fyi, here is hosts file	localhost	broadcasthost
::1             localhost

…oh just seen your last reply re redirect - can I simply change “RewriteEngine” to “off” in httpd-vhosts.conf?


…took a punt

WORKS - yay [shows my “Hello World” page]

bother refuse to connect…


httpd.conf has…


and httpd-vhosts-le-ssl.conf has

<VirtualHost *:443>
   RewriteEngine on

the above was only browser cache - this also does not connect



Add # in that and the next three rows.

Or remove your port 443 vHost complete, so you have only a http vHost.

Check /sites-enabled to remove the symbolic link.


…OK did that in vhosts - no change THEN added the 3 #'s [to keep track of my edits] in httpd.conf to get “http” working [code snippet line2 and last]

# Secure (SSL/TLS) connections
###Include /private/etc/apache2/extra/httpd-ssl.conf
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Include /private/etc/apache2/other/*.conf

###Include /private/etc/apache2/extra/httpd-vhosts-le-ssl.conf

Yep, now your http version works.

My First Heading

My first paragraph.


…can I assume issue is in httpd-ssl.conf and/or httpd-vhosts-le-ssl.conf - therefore what’s next to do/try/edit?


Oh: Why do you have two files? Perhaps that’s the problem.

Every combination of port and ServerName must be unique.


good question - as part of fumbling my way thru initial setup, code snippet line 2 was UNcommented by me, last line was added by certbot install - SO… shall I uncomment last line and see what happens?

###Include /private/etc/apache2/extra/httpd-vhosts-le-ssl.conf

OK, took the punt - nothing - then comparing these 2 files - noticed in “le-ssl” had no “Listen 443” - SO added - AND YAHOO - ALL WORKING - “Green A” in SSL Labs

Juergen THANK YOU for your assistance AND patience and as I write this you should be hopefully asleep - you are a SCHOLAR and a GENTLEMAN

In summary has been an intense 24hr learning curve setting up Apache/Virtual Hosts/SSL, so therefore the better for it, hopefully! If any other “newbie” can make use of this thread, then great.

regards, Col

1 Like

Yep, now you have a new certificate.
expires in 90 days, - 2 entries

And a Grade C

Domainname Http-Status redirect Sec. G 301 0.663 A 301 0.660 A 200 3.586 B 200 3.346 B

Two https versions.

closed #34

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.