Apache 2 Godaddy SSL error file does not exist or is empty.

Hi,

I am trying to get SSL working on our linux apache server with a Godaddy SSL cert.  I have followed Godaddy's steps and edited the ssl.conf file so that SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile all point to their respective files located in /etc/httpd/conf as directed by Godaddy.  When I try to start the apache server I get the error "Syntax error on line 117 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/httpd/conf/server.crt' does not exist or is empty"

It does this for all three of the files.  Can anyone help me get this working?

Thank you
LVL 2
OAC TechnologyProfessional NerdsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

edster9999Commented:
check permissions.  The user you run apache as needs to be able to read this file.
If it is not that then you need to make sure you have the right format.  SSL certs come in about 4 or 5 different file formats
0
OAC TechnologyProfessional NerdsAuthor Commented:
Shouldn't apache be able to read the file if it is in the apache conf directory?  How do I check this?
0
edster9999Commented:
ls -l /etc/httpd/conf/server.crt

if the file is owned by root (as maybe you were root when you installed it)
and it is set to -rw------
then root can read and write but but your user can not.
0
Top Threats of Q1 & How to Defend Against Them

WEBINAR: Join WatchGuard CTO and our Threat Research Team on Aug. 2nd to hear the findings from our Q1 Internet Security Report! Learn more about the top threats detected in the first quarter and how you can defend your business against them!

OAC TechnologyProfessional NerdsAuthor Commented:
It shows as "-rwxrwxrwx  1 root root 1761 Nov 17 18:33 /etc/httpd/conf/server.crt."  What should I change this to?  Thanks for all the help
0
edster9999Commented:
no thats fine for the moment - everyone has full access to it.  leave it like that for the moment but tighten it up again when you are finished testing (maybe set it to

chmod 600 /etc/httpd/conf/server.crt
and
chown nobody:nobody /etc/httpd/conf/server.crt
(swap nobody for the name of the user that apache uses)

Next check you have lines like these in your httpd.conf file :

SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key

If not put them in.

Restart apache.

test again.
0
OAC TechnologyProfessional NerdsAuthor Commented:
Added the lines and restarted, same error
0
OAC TechnologyProfessional NerdsAuthor Commented:
I commented out those lines in ssl.conf and tried to start apache and it gives me Starting httpd:                                            [FAILED].  It was working before without SSL but now it is not.  Any help would be appreciated just to get this back up and running even without ssl for now
0
edster9999Commented:
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
#SSLCertificateFile /usr/local/apache/conf/ssl.crt/server-dsa.crt

SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
#SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server-dsa.key

Here are the lines frm my ssl.conf file

see if you have those files.  If not put your files in there.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
OAC TechnologyProfessional NerdsAuthor Commented:
Thank you for all the help!  It turns out I had to uncomment the line:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

To make it work.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.