You are not likely to hit this error with the usual configuration since mod_ssl is the one normally used. However mod_nss is used by the Fedora Directory Server (aka 389 Directory Server now) in CentOS for the console for LDAP authentication (centos-idm-console). Possibly also used by RHEL.
One day I found that Apache would not start. The error log indicated that the certificate had expired. I searched and searched for how to generate a new certificate and tried various things. Too many steps and too hard.
Then I had an idea. The certificate must have been generated when the package mod_nss was installed. Let's try reinstalling it. First we move the old database directory out of the way:
mv /etc/httpd/alias /etc/httpd/alias.old
Then reinstall mod_nss:
yum reinstall mod_nss
and voila, after a while, a new database with a fresh certificate was generated and I could start Apache.
One day I found that Apache would not start. The error log indicated that the certificate had expired. I searched and searched for how to generate a new certificate and tried various things. Too many steps and too hard.
Then I had an idea. The certificate must have been generated when the package mod_nss was installed. Let's try reinstalling it. First we move the old database directory out of the way:
mv /etc/httpd/alias /etc/httpd/alias.old
Then reinstall mod_nss:
yum reinstall mod_nss
and voila, after a while, a new database with a fresh certificate was generated and I could start Apache.
No comments:
Post a Comment