Changing SSL Certs.... httpd stops working

smeads · December 12, 2018, 8:21pm

3.8 Katello. I’m trying to replace the self-signed SSL certs with real ones. I’m not having any luck. Please help.

I’m following this: Foreman :: Replacing Foreman's web SSL certificate.

Here’s the errors I am getting:

Job for httpd.service failed because the control process exited with error code. See “systemctl status httpd.service” and “journalctl -xe” for details.

When I look at the log:

[root@us08pr2utl11 conf.d]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2018-12-12 14:03:57 CST; 8s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 13844 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 13842 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 13842 (code=exited, status=1/FAILURE)

Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com httpd[13842]: [Wed Dec 12 14:03:57.708717 2018] [so:warn] [pid 13842] AH01574: module systemd_module is already loaded, skipping
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com httpd[13842]: [Wed Dec 12 14:03:57.708760 2018] [so:warn] [pid 13842] AH01574: module cgi_module is already loaded, skipping
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com httpd[13842]: [Wed Dec 12 14:03:57.708781 2018] [so:warn] [pid 13842] AH01574: module wsgi_module is already loaded, skipping
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com httpd[13842]: [Wed Dec 12 14:03:57.713866 2018] [alias:warn] [pid 13842] AH00671: The Alias directive in /etc/httpd/conf.d/au...ier Alias.
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com kill[13844]: kill: cannot find process ""
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com systemd[1]: httpd.service: control process exited, code=exited status=1
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com systemd[1]: Failed to start The Apache HTTP Server.
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com systemd[1]: Unit httpd.service entered failed state.
Dec 12 14:03:57 us08pr2utl11.pmdomhq.protomold.com systemd[1]: httpd.service failed.

I changed the name of the server here, this is a FQDN.

etc/httpd/conf.d/05-foreman-ssl.conf

PassengerPreStart https://foreman.prlb.io:443

File permissions:

Any chance you guys would consider nginx versus apache?

smeads · December 12, 2018, 8:28pm

Your release came with Apache 2.4.6, which came out in 2013. The newest is 2.4.37. That’s quite a gap.

smeads · December 12, 2018, 8:36pm

Sorry… this is corrected… please ignore. The cert chain I was given, was incorrect. I remade the chain and it corrected the issue.