Home / server / Questions / 285408
In Process
ParisNakitaKejser
Asked: 2011-06-30 09:13:03 +0800 CST

CentOS - Apache and SSL?

  • 772

Hei all

i have problem for my SSL setup, when i put SSL Engine to on my Apache will not start up, if i remove it, its work fine.

i can't finde the Apache log, so i can find out of whats happen here,

can sommen maby tell me the problem or link to the defualt log-path for Apache?

here is my vhost config file.

<VirtualHost *:443>
#   SSLEngine On
    SSLProtocol all
    SSLCertificateFile "/etc/pki/tls/schemecloud.co.uk.csr"
    SSLCertificateKeyFile "/etc/pki/tls/schemecloud.co.uk.key"
    SSLCACertificateFile "/etc/pki/tls/rapidssl.crt"
    ErrorLog "/var/www/error_ssl_log"

    <Directory /var/www/html>
    AllowOverride All
    </Directory>                                                 
    DocumentRoot /var/www/html/
    ServerName schemecloud.co.uk
 </VirtualHost>
centos apache-2.2 ssl httpd

3 Answers

  1. You are listing a .csr file for SSLCertificateFile. .csr files usually contain the Certificate Signing Request, which is not your certificate. You likely have a .crt file which you need to put in that directive.

    • 3

  2. The Apache log path on my Centos installations is "/var/log/httpd/"; however, it looks like you may be changing that path with the ErrorLog parameter.

    For the configuration you've given, I suspect you may be using the wrong file for the SSLCertificateFile parameter; ".csr" usually means certificate signing request, and the certificate files that parameter requires are commonly named ".crt".

    Also, you may find this tutorial on getting Apache set up to use SSL helpful.

    • 0

  3. i can't finde the Apache log, so i can find out of whats happen here,

    You are overriding the default ErrorLog path in your configuration at this line:

    ErrorLog "/var/www/error_ssl_log"

    I recommend deleting that line, and just using the default ErrorLog instead. That way, all errors will be logged in the same spot. It's a single daemon, and it really only needs one error log file, in most cases. In addition, /var/www/ is typically a directory to hold the web content (html files, images, error pages, icons, cgi scripts, etc.) You probably don't want to store any error logs in there.

    To find the default ErrorLog location, you will need to understand how Apache configuration works.

    First search for 'ErrorLog' in your main httpd.conf. On a CentOS 5 box, you will see a line like this:

    myhost $ grep ErrorLog /etc/httpd/conf*/*.conf
/etc/httpd/conf/httpd.conf:ErrorLog logs/error_log
myhost $

    According to the documentation for the ErrorLog Directive:

    If the file-path is not absolute then it is assumed to be relative to the ServerRoot.

    On a CentOS 5 box, the ServerRoot is typically /etc/httpd

    myhost $ grep ServerRoot "/etc/httpd" /etc/httpd/conf*/*.conf
/etc/httpd/conf/httpd.conf:ServerRoot "/etc/httpd"

    This means that your default error log is at /etc/httpd/logs/, which happens to be a symlink to /var/log/httpd:

    myhost $ ls -ld /etc/httpd/logs
lrwxrwxrwx 1 root root 19 Sep 29  2010 /etc/httpd/logs -> ../../var/log/httpd
    • 0