你好,问题来了
我已经在 CentOS 上生成了 CSR,并在 Comodo 上购买了 SSL。
我在 ssl.conf 中添加了以下几行
ServerName mydomain.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateKeyFile /etc/pki/tls/certs/mydomain.key
SSLCertificateFile /etc/pki/tls/certs/mydomain.crt
SSLCACertificateFile /etc/pki/tls/certs/mydomainCA.crt
和 httpd.conf 的后续行
<VirtualHost *:80>
ServerName thedomain.com
Redirect "/" "https://thedomain.com/"
</VirtualHost>
在此之后,当我执行 systemctl restart httpd 时,出现以下错误:
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl-xe" for details.
and when I check journalctl -xe for details this is what it reads:
-- Subject: Unit httpd.service has finished start-up -- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has finished starting up.
-- The start-up result is done. Nov 24 18:36:01 MyWay polkitd[568]: Unregistered Authentication Agent for unix-process:6639:684652621 (system bus name :1.4409, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale e Nov 24 18:36:04 MyWay sshd[6652]: Invalid user oracle from 80.241.211.237 port 54600 Nov 24 18:36:04 MyWay sshd[6652]: input_userauth_request: invalid user oracle [preauth] Nov 24 18:36:04 MyWay sshd[6652]: pam_unix(sshd:auth): check pass; user unknown Nov 24 18:36:04 MyWay sshd[6652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi306916.contaboserver.net Nov 24 18:36:06 MyWay sshd[6652]: Failed password for invalid user oracle from 80.241.211.237 port 54600 ssh2 Nov 24 18:36:06 MyWay sshd[6652]: Received disconnect from 80.241.211.237 port 54600:11: Normal Shutdown, Thank you for playing [preauth] Nov 24 18:36:06 MyWay sshd[6652]: Disconnected from 80.241.211.237 port 54600 [preauth] Nov 24 18:36:16 MyWay sshd[6651]: Received disconnect from 112.85.42.94 port 31545:11: [preauth] Nov 24 18:36:16 MyWay sshd[6651]: Disconnected from 112.85.42.94 port 31545 [preauth] Nov 24 18:36:18 MyWay polkitd[568]: Registered Authentication Agent for unix-process:6655:684654361 (system bus name :1.4410 [/usr/bin/pkttyagent --notify-fd 5 --fallback], object path /org/freedes Nov 24 18:36:18 MyWay systemd[1]: Stopping The Apache HTTP Server... -- Subject: Unit httpd.service has begun shutting down -- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has begun shutting down. Nov 24 18:36:19 MyWay systemd[1]: Stopped The Apache HTTP Server. -- Subject: Unit httpd.service has finished shutting down -- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has finished shutting down. Nov 24 18:36:19 MyWay systemd[1]: Starting The Apache HTTP Server... -- Subject: Unit httpd.service has begun start-up -- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has begun starting up. Nov 24 18:36:19 MyWay systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE Nov 24 18:36:19 MyWay kill[6667]: kill: cannot find process "" Nov 24 18:36:19 MyWay systemd[1]: httpd.service: control process exited, code=exited status=1 Nov 24 18:36:19 MyWay systemd[1]: Failed to start The Apache HTTP Server. -- Subject: Unit httpd.service has failed -- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- Unit httpd.service has failed.
-- The result is failed. Nov 24 18:36:19 MyWay systemd[1]: Unit httpd.service entered failed state. Nov 24 18:36:19 MyWay systemd[1]: httpd.service failed. Nov 24 18:36:19 MyWay polkitd[568]: Unregistered Authentication Agent for unix-process:6655:684654361 (system bus name :1.4410, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale e [
所以我检查了很多操作系统解决方案,但这个问题仍然存在,请注意,当我注释掉 httpd.conf 和 ssl.conf 中的所有更改时,apache 开始正常工作。
提前致谢
最佳答案
已解决
将文件重命名为 PEM 有助于解决这个问题,除此之外我还遇到了其他一些导致错误的问题(查看 apache 日志帮助我解决了这些问题)
apache 的内存已满,所以我不得不增加它。
我在 ssl.conf 文件中复制了 SSLCertificateKeyFile,并注释掉了默认文件链接。
关于添加 SSL 证书后 Apache 无法启动,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59018895/