SSL crashing Apache (Failed to load)
Change your virtualhost to
<VirtualHost *:443>
ServerName fraffel.tech
DocumentRoot /var/www/fraffeltech
SSLEngine on
SSLCertificateFile /etc/ssl/fraffel_tech.crt
SSLCertificateKeyFile /etc/ssl/private/fraffel.tech.key
SSLCertificateChainFile /etc/ssl/fraffel_tech.ca-bundle
</VirtualHost>
The hint is this:
[Thu May 03 11:36:17.851117 2018] [ssl:emerg] [pid 3415] AH02569: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.)
In addition there is a warning message, that tels you:
Could not reliably determine the server's fully qualified domain name, using fe80::f03c:91ff... Set the 'ServerName' directive globally to suppress this message
Set the 'ServerName' directive globally to suppress this message means you should have one ServerName
directive outside of the <VirtualHost>
tags. It could be the name of your primary domain or just localhost:
ServerName fraffel.tech
<VirtualHost *:443>
ServerName fraffel.tech
DocumentRoot /var/www/fraffeltech
#...
</VirtualHost>
Related videos on Youtube
FAXES
I'm just some guy that makes some nice websites and Discord.js bots. I make other things aswell but they're not as important.
Updated on September 18, 2022Comments
-
FAXES over 1 year
When trying to use my SSL on Apache2 (Ubuntu 17), it seems to break Apache.
Console Error
● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d └─apache2-systemd.conf Active: failed (Result: exit-code) since Thu 2018-05-03 11:52:21 AEST; 2h 4min ago Process: 3366 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE) CPU: 85ms May 03 11:52:20 FRAFFEL_MEDIA systemd[1]: Starting The Apache HTTP Server... May 03 11:52:21 FRAFFEL_MEDIA apachectl[3366]: AH00558: apache2: Could not reliably determine the server's fully qualifi May 03 11:52:21 FRAFFEL_MEDIA apachectl[3366]: Action 'start' failed. May 03 11:52:21 FRAFFEL_MEDIA apachectl[3366]: The Apache error log may have more information. May 03 11:52:21 FRAFFEL_MEDIA systemd[1]: apache2.service: Control process exited, code=exited status=1 May 03 11:52:21 FRAFFEL_MEDIA systemd[1]: Failed to start The Apache HTTP Server. May 03 11:52:21 FRAFFEL_MEDIA systemd[1]: apache2.service: Unit entered failed state. May 03 11:52:21 FRAFFEL_MEDIA systemd[1]: apache2.service: Failed with result 'exit-code'.
In /var/log/apache2/error_log:
[Thu May 03 06:25:01.830302 2018] [mpm_prefork:notice] [pid 4511] AH00163: Apache/2.4.25 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations [Thu May 03 06:25:01.830372 2018] [core:notice] [pid 4511] AH00094: Command line: '/usr/sbin/apache2' [Thu May 03 08:03:44.188546 2018] [:error] [pid 13778] [client 95.213.177.126:63358] script '/var/www/404/azenv.php' not found or unable to stat, referer: https://proxyradar.com/ [Thu May 03 11:29:21.335601 2018] [mpm_prefork:notice] [pid 4511] AH00171: Graceful restart requested, doing restart AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using fe80::f03c:91ff:fea7:2ab8. Set the 'ServerName' directive globally to suppress this message [Thu May 03 11:29:21.424519 2018] [ssl:warn] [pid 4511] AH01909: fe80::f03c:91ff:fea7:2ab8:80:0 server certificate does NOT include an ID which matches the server name [Thu May 03 11:29:21.424615 2018] [ssl:emerg] [pid 4511] AH02569: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.) [Thu May 03 11:29:21.424621 2018] [:emerg] [pid 4511] AH00020: Configuration Failed, exiting [Thu May 03 11:36:17.850289 2018] [ssl:warn] [pid 3415] AH01909: 2600:3c01::f03c:91ff:fea7:2ab8:80:0 server certificate does NOT include an ID which matches the server name [Thu May 03 11:36:17.851117 2018] [ssl:emerg] [pid 3415] AH02569: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.) AH00016: Configuration Failed [Thu May 03 11:52:21.316911 2018] [ssl:warn] [pid 3393] AH01909: fe80::f03c:91ff:fea7:2ab8:80:0 server certificate does NOT include an ID which matches the server name [Thu May 03 11:52:21.323098 2018] [ssl:emerg] [pid 3393] AH02569: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.) AH00016: Configuration Failed
I'm not sure what's with it as it only happens when using SSL in the available sites config:
<virtualhost *:443> ServerName fraffel.tech DocumentRoot /var/www/fraffeltech </virtualhost> SSLEngine on SSLCertificateFile /etc/ssl/fraffel_tech.crt SSLCertificateKeyFile /etc/ssl/private/fraffel.tech.key SSLCertificateChainFile /etc/ssl/fraffel_tech.ca-bundle
The SSL files are in those directories but I'm not sure whats up with it and yes the ssl mod is enabled...
-
FAXES about 6 yearsYou Sir are a legend. I was following this guide: namecheap.com/support/knowledgebase/article.aspx/9423//…. I might add a suggestion for it...
-
vidarlo about 6 yearsYou may be interested in let's encrypt as well. They provide free certificates, and easy automation...
-
FAXES about 6 yearsThanks. Also how do I set up the auto redirect. I added
Redirect / https://fraffel.tech/
but takes me to the wrong site directory whereas https takes me to the right spot. Is that the right thing to add for the redirect? (its in VirtualHost *:80) -
vidarlo about 6 yearsCreate a new question for a new question :)