Apache unable to start when SSLEngine is on

My SSL virtual host is as simple as that:

LoadModule ssl_module modules/mod_ssl.so

Listen 443
<VirtualHost *:443>
        DocumentRoot "/srv/www/test"
        ServerName <my_website_domain>

        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/apache-selfsigned.crt
        SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
</VirtualHost>

When I try to restart apache with apache2ctl configtest && systemctl restart apache2 I get:

Syntax OK
Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.

But when I turn off SSLEngine with SSLEngine off apache starts normally and ok.

When I run systemctl status apache2 after starting with SSLEngine on, I get:

Syntax OK
● apache2.service - The Apache Webserver
   Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2020-08-14 18:06:55 CEST; 1min 9s ago
  Process: 22352 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop (code=exited, status=0/SUCCESS)
  Process: 19851 ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful (code=exited, status=0/SUCCESS)
  Process: 22346 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start (code=exited, status=1/FAILURE)
 Main PID: 22346 (code=exited, status=1/FAILURE)

Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.351148 2020] [so:warn] [pid 22352] AH01574: module authn_core_module is already loaded, skipping
Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.351163 2020] [so:warn] [pid 22352] AH01574: module authz_core_module is already loaded, skipping
Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.351170 2020] [so:warn] [pid 22352] AH01574: module php5_module is already loaded, skipping
Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.351179 2020] [so:warn] [pid 22352] AH01574: module ssl_module is already loaded, skipping
Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.352998 2020] [so:warn] [pid 22352] AH01574: module ssl_module is already loaded, skipping
Aug 14 18:06:55 luu056d start_apache2[22352]: [Fri Aug 14 18:06:55.356261 2020] [core:warn] [pid 22352] AH00117: Ignoring deprecated use of DefaultType in line 143 of /etc/apa.../httpd.conf.
Aug 14 18:06:55 luu056d start_apache2[22352]: httpd (no pid file) not running
Aug 14 18:06:55 luu056d systemd[1]: Failed to start The Apache Webserver.
Aug 14 18:06:55 luu056d systemd[1]: apache2.service: Unit entered failed state.
Aug 14 18:06:55 luu056d systemd[1]: apache2.service: Failed with result 'exit-code'.
Hint: Some lines were ellipsized, use -l to show in full.

Why am I getting that error httpd (no pid file) not running when I turn on SSLEngine?
Nothing is blocking port 443, since when I run lsof -i :443 the result is empty.

I'm using Apache/2.4.23 for Linux/SUSE

Best Answer

This is indicative of a problem with the certificates, httpd can't load them therefore it can't start up properly. Generally those errors do not show up unless you have a high level of error logging for SSL. Just set LogLevel ssl:trace8 for testing and remove it when you get it to work.

Make sure certificates are PEM format (ASCII), that they match with each other and exist in the path you point to them:

openssl x509 -in /etc/ssl/certs/apache-selfsigned.crt -noout -modulus
openssl rsa -in /etc/ssl/private/apache-selfsigned.key -noout -modulus

The output of both commands should return the same result, if not, they are not correct.

Best Answer

Related Solutions

Php – Apache Failure on Centos 7 not starting

Linux – I get this error “Active: failed ” from the Process: 9666 ExecStart=/etc/init.d/apache2 start (code=exited, status=2)

Related Topic