1

Hey since I have attempted to install SSL onto my site I am unable to restart without removing it from the config.

I am running Ubuntu Ubuntu 18.04 x64

Changes for SSL:

 DocumentRoot /var/www/html ServerName my_site_name.com -- I have the actual site name here SSLEngine on SSLCertificateFile /ssl-files/site_name.com.crt # I have the actual cert here SSLCertificateKeyFile /ssl-files/site_name.key # I have the actual key name here

However when I run this I in the conf I get 

 Job for apache2.service failed because the control process exited with this error code. See "systemctl status apache2.service" and "journalctl -xe" for details.

For some reason when I remove the SSL parts it works fine, I have tried purging and reinstalling apache2, with no luck.

apache2.server Log:

 apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d └─apache2-systemd.conf Active: failed (Result: exit-code) since Sat 2018-09-29 13:08:42 UTC; 1min 41s ago Process: 19553 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS) Process: 19563 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE) Main PID: 18805 (code=exited, status=0/SUCCESS) Sep 29 13:08:42 nickr.0103 systemd[1]: Starting The Apache HTTP Server... Sep 29 13:08:42 nickr.0103 apachectl[19563]: Action 'start' failed. Sep 29 13:08:42 nickr.0103 apachectl[19563]: The Apache error log may have more information. Sep 29 13:08:42 nickr.0103 systemd[1]: apache2.service: Control process exited, code=exited status=1 Sep 29 13:08:42 nickr.0103 systemd[1]: apache2.service: Failed with result 'exit-code'. Sep 29 13:08:42 nickr.0103 systemd[1]: Failed to start The Apache HTTP Server.

I have read this error before so I changed my key and crt, however it still gives me this error.

 [Sat Sep 29 14:16:39.277651 2018] [ssl:emerg] [pid 20797] AH02562: Failed to configure certificate www.my_site.com:443:0 (with chain), check /ssl-files/my_site.crt [Sat Sep 29 14:16:39.277794 2018] [ssl:emerg] [pid 20797] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile? [Sat Sep 29 14:16:39.277820 2018] [ssl:emerg] [pid 20797] SSL Library Error: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib AH00016: Configuration Failed
Improve this question
3
  • Please run systemctl status apache2.service and edit your post to include this information. Commented Sep 29, 2018 at 12:37
  • What does the Apache log files show? They are typically located in /var/log/apache2/ Commented Sep 29, 2018 at 13:18
  • There you go, added the error.log Commented Sep 29, 2018 at 14:19

1 Answer 1

Reset to default
1 
[Sat Sep 29 14:16:39.277794 2018] [ssl:emerg] [pid 20797] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?

This line is the actual error. The Certificate is not in correct format, or corrupt.

Verify that the certificates are readable with openssl x509 -noout -modulus -in certificate.crt to verify the certificate. It should output modulus of the certificate.

To verify key, use openssl x509 -noout -modulus -in keyfile.key.

The modulus of the certificate and key file should additionally be identical. Otherwise they do not match.

If openssl fails, get new certificate files from your provider.

Improve this answer
1
  • They are identical and I think there is an error with them, I have even gotten new ones but still get that error, this is what I get from them. unable to load certificate 139816630936000:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:691:Expecting: TRUSTED CERTIFICATE Commented Sep 29, 2018 at 14:54

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.