Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Mod_md :: issue when adding one MDomain |
|
| Author |
|
jasch
Joined: 11 Apr 2008
Posts: 7
|
 Posted: Fri 30 Nov '18 4:40 Post subject: Mod_md :: issue when adding one MDomain |
 |
|
Split from www.apachelounge.com/viewtopic.php?t=7786
Apologies in advance, if this is not the place to post (makes me wonder, how this wonderful directive has no comments at all from nobody in one year).
I've been using this directive for months without any troubles, until last night. Adding one MDomain directive for one domain causes Apache to not start up at all.
If I add MDomains readcts.com apache will not start. Remove the line, everything works.
Here's the relevant log, if somebody might be able to help.
https://www.dropbox.com/s/26w2f4m40b217io/md.txt?dl=0
The error seems to be, md{readcts.com}: incomplete, without private key |
|
| Back to top |
|
DnvrSysEngr
Joined: 15 Apr 2012
Posts: 226
Location: Denver, CO USA
|
| Posted: Fri 30 Nov '18 18:35 Post subject: |
|
|
Something to try:
Rename the folder that you have the command pointed to.
For example, in my .conf file, I have mine pointed to a folder named ManagedDomains. Rename that folder, and then see if Apache starts. If successful, the folder should be recreated and the certs should be recreated/updated. |
|
| Back to top |
|
jasch
Joined: 11 Apr 2008
Posts: 7
|
| Posted: Sat 08 Dec '18 6:01 Post subject: |
|
|
Well, I am using the default directory "MD". I tried adding a new domain, and again Apache crashed when starting up.
I have another (exact configuracion) server, and I moved a domain from that server, to this one, copied, the Certificates from MD, and it started up perfectly.
It seems the problem is generating new Certs.... |
|
| Back to top |
|
jasch
Joined: 11 Apr 2008
Posts: 7
|
| Posted: Sat 08 Dec '18 16:40 Post subject: |
|
|
This is the log from the new domain:
| Code: | [Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(1012): AH10070: initializing post config dry run
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(357): AH10037: server seems reachable via http: (port 80->80) and reachable via https: (port 443->443)
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(219): AH10041: Server galeria11-12.com:0 matches md galeria11-12.com (config galeria11-12.com[default, default])
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(249): AH10043: Managed Domain galeria11-12.com applies to vhost galeria11-12.com:0
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(280): AH10044: galeria11-12.com: added contact mailto:admin@conexion.cr
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] mod_md.c(389): AH10039: Completed MD[galeria11-12.com, CA=https://acme-v01.api.letsencrypt.org/directory, Proto=ACME, Agreement=https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf, Drive=1, renew=2134720512]
[Sat Dec 08 08:27:44.347801 2018] [md:debug] [pid 2564:tid 364] md_reg.c(706): sync: found 1 mds in store
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(793): galeria11-12.com: update renew norm=2109194240, window=2134720512
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(192): md{galeria11-12.com}: incomplete, without private key
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(488): update md galeria11-12.com
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(192): md{galeria11-12.com}: incomplete, without private key
[Sat Dec 08 08:27:44.363401 2018] [md:debug] [pid 2564:tid 364] md_reg.c(830): md galeria11-12.com updated
[Sat Dec 08 08:27:44.363401 2018] [ssl:emerg] [pid 2564:tid 364] AH01903: Failed to configure CA certificate chain!
[Sat Dec 08 08:27:44.379001 2018] [ssl:emerg] [pid 2564:tid 364] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed
|
|
|
| Back to top |
|
DnvrSysEngr
Joined: 15 Apr 2012
Posts: 226
Location: Denver, CO USA
|
| Posted: Sat 08 Dec '18 19:50 Post subject: |
|
|
Do you have a .well-known directory? --- which is where the acme challenge directory resides as well.
You mentioned you copied this from an existing WEB server? You many need to rerun letsencrypt to get it to once again set up the configuration. |
|
| Back to top |
|
|
|
|
|
|
