Bug#398223: Acknowledgement (apache2: "[notice] caught SIGTERM, shutting down")
bOn Sun, 2007-01-14 at 10:44 +0800, Clayton wrote:
>
> Hi Ralf,
>
> I re-enabled the SSL stuff and sure enough, apache2 died again this morning, this time with your logrotate mods above in place.
Fine,
> However, sorry to say that the "logrotate" log file that was generated only contains a time stamp, ie.:
>
> --- Sun Jan 14 06:37:50 CST 2007
>
So, logrotate runs on Sunday mornig at 06:37 - that's exactly what we
wanted to know.
> error.log contains the usual nauz:
Gosh, read it. It's all there!
> [Sun Jan 14 06:38:11 2007] [error] Init: Unable to read pass phrase [Hint: key introduced or changed before restart?]
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
> [Sun Jan 14 06:38:12 2007] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
>
Well, logrotate rotates the logfiles and then restarts the server
("/etc/init.d/apache2 restart" in the postrotate section). And,
according to the "usual nauz" you server can't start because someone was
smart enough to 'protect' the certificate with a passphrase ....
> Let me know if there is anything else I can do to help,
> Clayton
Fix your setup by using a certificate with an empty passphrase.
HTH Ralf Mattes
>
>
Reply to: