启用 ssl 模块并设置 ssl 证书后，Apache 2.4.9 失败 [英] Apache 2.4.9 fails after enabling ssl module and setting up ssl certificate

问题描述

Apache 在尝试设置 ssl 证书后抛出以下错误:

Apache throws the following errors after attempting to set up ssl certificates:

[ssl:emerg] [pid 30907] AH02572: Failed to configure at least one certificate and key for localhost:443
[ssl:emerg] [pid 30907] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned
[ssl:emerg] [pid 30907] AH02312: Fatal error initialising mod_ssl, exiting.

我使用的是 MAC 操作系统:Yosemite、PHP 5.5.20、Apache 2.4.9

I using MAC OS:Yosemite, PHP 5.5.20, Apache 2.4.9

并按照以下步骤生成我的 ssl 证书(http://www.akadia.com/services/ssh_test_certificate.html)>

and have followed these steps to generate my ssl certificate from (http://www.akadia.com/services/ssh_test_certificate.html)

cd /etc/apache2/
sudo mkdir certs                                        
cd certs                                                
sudo openssl genrsa -des3 -out server.key 1024          
sudo openssl req -new -key server.key -out server.csr

  Country Name (2 letter code) [GB]:US
  State or Province Name (full name) [Berkshire]:California 
  Locality Name (eg, city) [Newbury]:LA
  Organization Name (eg, company) [My Company Ltd]:Company
  Organizational Unit Name (eg, section) []:
  Common Name (eg, your name or your server's hostname) []:dev.test.local
  Email Address []:username@gmail.com
  Please enter the following 'extra' attributes
  to be sent with your certificate request
  A challenge password []:
  An optional company name []:

sudo cp server.key server.key.org     
sudo openssl rsa -in server.key.org -out server.key
sudo openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt  

接下来，我为我的 apache 配置文件设置了以下内容:

Next I have the following set up for my apache config files:

etc/apache2/httpd.conf:

LoadModule ssl_module libexec/apache2/mod_ssl.so
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
Include /private/etc/apache2/extra/httpd-ssl.conf

etc/apache2/extra/httpd-ssl.conf:

Listen 443
SSLPassPhraseDialog  builtin
<VirtualHost _default_:443>
SSLEngine on
Mutex sysvsem default # Added after seeing mutex issues for apache 2.4, http://stackoverflow.com/questions/13969272/apache-sslmutex-issue

etc/apache2/extra/httpd-vhosts.conf:

<VirtualHost *:443>

    ServerName dev.test.local
    DocumentRoot "/Users/username/Sites/test/public"

    <Directory "/Users/username/Sites/test/public">
         Options Indexes FollowSymLinks MultiViews
         AllowOverride All
         Order allow,deny
         allow from all
    </Directory>

    SSLEngine on       
    SSLCertificateFile    /etc/apache2/certs/server.crt
    SSLCertificateKeyFile /etc/apache2/certs/server.key

</VirtualHost>

重新启动并运行 apache config test 后，看起来好像没有问题:

After restarting and running apache config test it looks as though there are no issues:

sudo apachectl restart
sudo apachectl configtest
[Tue Jan 06 13:56:01.480270 2015] [so:warn] [pid 31636] AH01574: module php5_module is already loaded, skipping
Syntax OK

非常感谢您的帮助，如果需要，我很乐意提供更多信息.

Help is greatly appreciated and I am happy to supply more information if needed.

推荐答案

我今天在升级到 MacOS High Sierra 10.13.6 版后遇到了这个问题.在升级之前，我的带有 SSL 的虚拟主机运行良好.然后今天，当我尝试启动我的 Apache Web 服务器时，出现了这个错误:

I encountered this just today after upgrading to MacOS High Sierra version 10.13.6. My virtual hosts with SSL were working fine before the upgrade. Then today, when I tried to start up my Apache web server, I got this error:

[Fri Jul 20 10:51:06.021778 2018] [ssl:emerg] [pid 2236] AH02572: Failed to configure at least one certificate and key for work.localweb.com:80
[Fri Jul 20 10:51:06.022024 2018] [ssl:emerg] [pid 2236] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned
[Fri Jul 20 10:51:06.022037 2018] [ssl:emerg] [pid 2236] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed

检查我的 apache 版本，现在是 2.4.33.显然，在此版本中，您需要将 SSLCertificateFile 和 SSLCertificateKeyFile 条目放在虚拟主机本身中.因此，我从 extra/httpd-ssl.conf 复制了条目并将其放入我配置的每个 SSL 虚拟主机中.

Check my apache version and it is now 2.4.33. Apparently in this version you will need to put the SSLCertificateFile and SSLCertificateKeyFile entries in the virtual host itself. So, I copied the entries from extra/httpd-ssl.conf and put it in every SSL virtual host that I had configured.

<VirtualHost *:443>
  ServerAdmin me@mymail.com
  ServerName work.localweb.com
  SSLCertificateFile "/private/etc/apache2/server.crt"
  SSLCertificateKeyFile "/private/etc/apache2/server.key"
  ......
</VirtualHost>

然后再次启动.

这篇关于启用 ssl 模块并设置 ssl 证书后，Apache 2.4.9 失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！