[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#775129: apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)

Package: apache2
Version: 2.2.22-13+deb7u4
Severity: important

After upgrading from 2.2.22-13+deb7u3 to 2.2.22-13+deb7u4, Apache refused to
start on my server with this error message in /var/log/apache2/error.log:

  [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)

While my configuration and TLS cert didn't change, it seems like Apache got
more strict somehow.

There are two config changes I found that fix this:

1. change "Listen 443" to "Listen 443 http" in /etc/apache2/ports.conf

2. ensure that every :443 vhost includes the entire TLS config including the
directives that point to the certificate files

I'm not sure why #1 works so I went with the second option when I found that
one of my vhosts didn't include the full TLS config:

  <VirtualHost *:443>
      ServerName libravatar.org
      ServerAdmin webmaster@libravatar.org
      Header always add Strict-Transport-Security: "max-age=15768000"
      Redirect permanent / https://www.libravatar.org/
  </VirtualHost>

Francois
Reply to: