Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6110
  • Last Modified:

Apache 2 Godaddy SSL error file does not exist or is empty.

Hi,

I am trying to get SSL working on our linux apache server with a Godaddy SSL cert.  I have followed Godaddy's steps and edited the ssl.conf file so that SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile all point to their respective files located in /etc/httpd/conf as directed by Godaddy.  When I try to start the apache server I get the error "Syntax error on line 117 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/httpd/conf/server.crt' does not exist or is empty"

It does this for all three of the files.  Can anyone help me get this working?

Thank you
0
OAC Technology
Asked:
OAC Technology
  • 5
  • 4
1 Solution
 
edster9999Commented:
check permissions.  The user you run apache as needs to be able to read this file.
If it is not that then you need to make sure you have the right format.  SSL certs come in about 4 or 5 different file formats
0
 
OAC TechnologyProfessional NerdsAuthor Commented:
Shouldn't apache be able to read the file if it is in the apache conf directory?  How do I check this?
0
 
edster9999Commented:
ls -l /etc/httpd/conf/server.crt

if the file is owned by root (as maybe you were root when you installed it)
and it is set to -rw------
then root can read and write but but your user can not.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
OAC TechnologyProfessional NerdsAuthor Commented:
It shows as "-rwxrwxrwx  1 root root 1761 Nov 17 18:33 /etc/httpd/conf/server.crt."  What should I change this to?  Thanks for all the help
0
 
edster9999Commented:
no thats fine for the moment - everyone has full access to it.  leave it like that for the moment but tighten it up again when you are finished testing (maybe set it to

chmod 600 /etc/httpd/conf/server.crt
and
chown nobody:nobody /etc/httpd/conf/server.crt
(swap nobody for the name of the user that apache uses)

Next check you have lines like these in your httpd.conf file :

SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key

If not put them in.

Restart apache.

test again.
0
 
OAC TechnologyProfessional NerdsAuthor Commented:
Added the lines and restarted, same error
0
 
OAC TechnologyProfessional NerdsAuthor Commented:
I commented out those lines in ssl.conf and tried to start apache and it gives me Starting httpd:                                            [FAILED].  It was working before without SSL but now it is not.  Any help would be appreciated just to get this back up and running even without ssl for now
0
 
edster9999Commented:
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
#SSLCertificateFile /usr/local/apache/conf/ssl.crt/server-dsa.crt

SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
#SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server-dsa.key

Here are the lines frm my ssl.conf file

see if you have those files.  If not put your files in there.
0
 
OAC TechnologyProfessional NerdsAuthor Commented:
Thank you for all the help!  It turns out I had to uncomment the line:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

To make it work.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now