"Job for httpd.service failed because the control process exited with error code." How do I fix this?

Question

After installing SSL certificates via Certbot, my website came up with the error message "too many redirects". After some research I thought I must have a redirect from HTTPS -> HTTP somewhere, so I tried to fix it but it seems that I made it worse, and Apache won't start anymore. I'm a total beginner, so I'm struggling to understand what is wrong.

I'm setting up a VPS with CentOS7 accessed over SSH to host a simple html website. I set up the basics (relevant ones might be UFW Firewall, Cloudflare as DNS, Apache 2.4.6) and managed to display a test page on my domain.

I then went on to setting up my virtual host with this tutorial: https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-7 Followed by this tutorial to set up letsencrypt: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7

After this, I initially got the error message "too many redirects" when trying to access my domain, which had previously worked normally. Whilst trying to fix this for four hours straight, I've now screwed things up to the point where Apache doesn't seem to start.

Now when I do $ sudo systemctl restart httpd I get the error message "Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details."

[USER@host ~]$ sudo systemctl status httpd.service
* httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Wed 2019-01-23 00:57:39 UTC; 20s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 26023 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 24468 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
  Process: 26021 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 26021 (code=exited, status=1/FAILURE)

Jan 23 00:57:39 host systemd[1]: Starting The Apache HTTP Server...
Jan 23 00:57:39 host systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Jan 23 00:57:39 host kill[26023]: kill: cannot find process ""
Jan 23 00:57:39 host systemd[1]: httpd.service: control process exited, code=exited status=1
Jan 23 00:57:39 host systemd[1]: Failed to start The Apache HTTP Server.
Jan 23 00:57:39 host systemd[1]: Unit httpd.service entered failed state.
Jan 23 00:57:39 host systemd[1]: httpd.service failed.

The only change I made to /etc/httpd/conf/httpd.conf was changing IncludeOptional conf.d/*.conf at the bottom to IncludeOptional sites-enabled/*.conf

My Virtual Host setup is currently as follows:

<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/example.com/public_html
    Redirect / https://www.example.com/
</VirtualHost>

<VirtualHost _default_:443>
    ServerName www.example.com
    ServerAlias example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog /var/www/example.com/error.log
    CustomLog /var/www/example.com/requests.log combined
    SSLEngine on
</VirtualHost>

Would appreciate any pointers as to what might be wrong.

Answer 1

You should add in your configuration the certificate, key for this certificate and intermediate certificates. This look like:

SSLEngine on
SSLCertificateFile "/path/to/www.example.com.cert"
SSLCertificateKeyFile "/path/to/www.example.com.key"
SSLCACertificateFile "conf/ssl.crt/ca.crt"

For more details check apache documentation

Answer 2

Since I used letsencrypt it looks like this:

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

This resolved the error for apache. SSL encryption isn't working yet though, I'll come back and update it if I find out that it was an issue with these lines.

EDIT: This setup works fine for me now. The issue with the SSL encryption not working was due to having SSL on "off" in Cloudflare, which created a redirect loop.