'Apache 2 - AH02311: Fatal error initialising mod_ssl
I'm trying to set up a Godaddy SSL certificate on a DigitalOcean droplet running Ubuntu with Apache 2. After I've configured the certificates correctly (to the best I can see & according to the following articles:
- https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04#step-2-configure-apache-to-use-ssl
- https://www.digicert.com/ssl-certificate-installation-ubuntu-server-with-apache2.htm
- https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04
I cannot run Apache and I'm getting the following error:
AH02311: Fatal error initialising mod_ssl
I've also seen this error:
SSL Library Error: error:0B080074:x509 certificate routine
both of these are in the error.log file.
Solution 1:[1]
Looks like private key is not matching certificate check on that (Not sure as i do not see full console logs). I hope the cert order is correct it should be
SSLCertificateFile /etc/apache2/ssl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/private.key
SSLCACertificateFile /etc/apache2/ssl/intermediate.crt
Solution 2:[2]
Usually this is an apache.conf configuration error or any other configuration file. do this:
- purge ApacheUninstall/Purge Apache
- reload modules
- reboot server
- do
apachectl configtest sudo systemctl restart apache2.servicesudo systemctl status apache2.service
That should fix the problem.
Solution 3:[3]
I was able to reproduce this exact error condition by simply enabling SSL under apache (by uncommenting the line in httpd.conf that loads mod_ssl and mod_socache_shmcb.so). The default httpd-ssl.conf file contains example lines of configuration with dummy values. Specifically there is a virtual host block at the bottom of this file that is provided as a template. It contains uncommented lines with dummy values. Apache won't accept these values as they are.
To test this, uncomment the above modules in httpd.conf open a console window, go to the apache\bin folder (the apache folder will have the appropriate version appended like apache2.37)
and type
httpd -t
And apache will validate your .conf files and report fatal errors. The first one you will see will report that it is unable to find server.crt. If you fill in the entire section with the values for the website that you are trying to secure apache should stop throwing these errors.
for more detail when troubleshooting use
httpd -e warn
or
httpd -e debug
To set up a secure virtual host for a site example.com you need two blocks.
One insecure block, and one insecure block. The insecure block uses port 80 or whatever port you choose if 80 is in use elsewhere. This is usually set up in the httpd-vhosts.conf file. The secure block is copy of the insecure block with the added commands for configuring SSL and uses port 443. This block is usually placed in httpd-ssl.conf Https-ssl.conf is automatically included in httpd.conf which is the master configuration file. It contains a conditional clause which detects the mod_ssl module and loads httpd-ssl.conf if the module is loaded. This is why the error occurs as soon as mod_ssl is enabled.
Solution 4:[4]
I was also having the same problem.
While checking, I found it was due to wrong passphrase in pass.out file.
It was solved after correcting that, so I suggest you to check that as well.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | user1622369 |
| Solution 2 | Andre Leon Rangel |
| Solution 3 | user106575 |
| Solution 4 | ×¡×˜× ×œ×™ ×’×¨×•× ×Ÿ |