Bug#775129: marked as done (apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0))
Your message dated Sun, 01 Feb 2015 09:08:40 +0100
with message-id <23326545.KK7xABSQ6b@k>
and subject line Re: Bug#775129: apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)
has caused the Debian Bug report #775129,
regarding apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
775129: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775129
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)
- From: Francois Marier <francois@debian.org>
- Date: Mon, 12 Jan 2015 08:33:38 +1300
- Message-id: <20150111193338.GA4774@akranes.dyndns.org>
Package: apache2
Version: 2.2.22-13+deb7u4
Severity: important
After upgrading from 2.2.22-13+deb7u3 to 2.2.22-13+deb7u4, Apache refused to
start on my server with this error message in /var/log/apache2/error.log:
[error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)
While my configuration and TLS cert didn't change, it seems like Apache got
more strict somehow.
There are two config changes I found that fix this:
1. change "Listen 443" to "Listen 443 http" in /etc/apache2/ports.conf
2. ensure that every :443 vhost includes the entire TLS config including the
directives that point to the certificate files
I'm not sure why #1 works so I went with the second option when I found that
one of my vhosts didn't include the full TLS config:
<VirtualHost *:443>
ServerName libravatar.org
ServerAdmin webmaster@libravatar.org
Header always add Strict-Transport-Security: "max-age=15768000"
Redirect permanent / https://www.libravatar.org/
</VirtualHost>
Francois
--- End Message ---
--- Begin Message ---
- To: Francois Marier <francois@debian.org>, 775129-done@bugs.debian.org
- Subject: Re: Bug#775129: apache2: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)
- From: Stefan Fritsch <sf@sfritsch.de>
- Date: Sun, 01 Feb 2015 09:08:40 +0100
- Message-id: <23326545.KK7xABSQ6b@k>
- In-reply-to: <20150131231239.GC5045@akranes.dyndns.org>
- References: <20150111193338.GA4774@akranes.dyndns.org> <alpine.DEB.2.02.1501132142390.23003@eru.sfritsch.de> <20150131231239.GC5045@akranes.dyndns.org>
On Sunday 01 February 2015 12:12:39, Francois Marier wrote:
> I can confirm that downgrading does NOT fix the problem.
>
> I'm starting to suspect that perhaps I had a bad config that just
> hadn't been applied and that the upgrade forced it to take effect
> when it restarted Apache.
>
> In other words, I can't reproduce the working configuration I had
> before the upgrade to u4, so it's probably not a bug in the apache2
> package.
Thanks for checking. I am closing the bug report.
BTW, the etckeeper package is nice for tracking down config changes
that have caused problems.
--- End Message ---
Reply to: