Apache-2.4
httpd 返回“SSLCertificateFile:文件 ‘/var/iwww/certs/msdfw/c.pem’ 不存在或為空”
所以最近,由於一些問題和東西,我不得不重置我的伺服器。現在,我一直在嘗試重新設置它,但它不適合我。我已
httpd成功安裝,它適用於我的網站。但是當我嘗試添加 SSL 證書時,CentOS 居然敢騙我說它不存在。這是journalctl -xe;的輸出Sep 26 17:00:11 localhost systemd[1]: Starting The Apache HTTP Server... -- Subject: Unit httpd.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit httpd.service has begun starting up. Sep 26 17:00:11 localhost httpd[5579]: AH00526: Syntax error on line 15 of /etc/httpd/enabled/msdfw.conf: Sep 26 17:00:11 localhost httpd[5579]: SSLCertificateFile: file '/var/iwww/certs/msdfw/c.pem' does not exist or is empty Sep 26 17:00:11 localhost systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE Sep 26 17:00:11 localhost kill[5581]: kill: cannot find process "" Sep 26 17:00:11 localhost systemd[1]: httpd.service: control process exited, code=exited status=1 Sep 26 17:00:11 localhost systemd[1]: Failed to start The Apache HTTP Server. -- Subject: Unit httpd.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit httpd.service has failed. -- -- The result is failed. Sep 26 17:00:11 localhost systemd[1]: Unit httpd.service entered failed state. Sep 26 17:00:11 localhost systemd[1]: httpd.service failed.我檢查了文件,它就在那裡。我已經嘗試將所有所有權授予 user
apache,我已將其授予 groupapache並將所有權限更改為 777。它都不起作用(並恢復了權限)。我試過了lsof c.pem,但沒有輸出。這是虛擬主機;<VirtualHost *:80> ServerName www.example.com ServerAlias example.com RewriteEngine on RewriteRule ^/?(.*) https://example.com/$1 [R,L] </VirtualHost> <VirtualHost *:443> ServerName example.com DocumentRoot /var/www/msdfw ErrorLog /var/iwww/logs/e-msdfw CustomLog /var/iwww/logs/c-msdfw combined DirectoryIndex index.php SSLEngine on SSLCertificateFile /var/iwww/certs/msdfw/c.pem SSLCertificateKeyFile /var/iwww/certs/msdfw/p.key SSLCertificateChainFile /var/iwww/certs/msdfw/b.pem <Directory /var/www/msdfw/> Require all granted </Directory> </VirtualHost>我已經安裝
mod_ssl了,所以我不認為就是這樣。我已經sudo -u apache cat /var/iwww/certs/msdfw/c.pem檢查它是否可以讀取它,它可以。OpenSSL 可以正確解析證書。所以,我不確定問題是什麼。任何可以提供幫助的人,請伸出援助之手。謝謝!附加資訊:
- 作業系統:CentOS Linux 7.4.1708 版
- 不確定這屬於哪個類別,但它是最小的。
看來我錯了。它與標有
system_u或的證書有關unconfined_u。它們必須貼上標籤system_u才能被httpd.在此處了解如何更改標籤。
我知道這是一個舊執行緒,但我的系統上有類似的問題。我將 OL8 與 Apache 一起用作 Web 伺服器。我所做的一切都行不通。直到我執行了這個命令:
sudo chcon -R -t httpd_config_t letsencrypt/我的問題是 SELinux 阻止了請求。
需要學習的是,任何需要由 Apache 執行的東西都必須
httpd_config_t設置為最低限度。