Apache2 error message

you need to define the host name in /etc/hosts
reload/restart apache and it should go away

okay, that fixed this issue; but seems like it also is still only seeing the old certificate and not the new one.  I have updated the path to the new cert in default-ssl file but didnt seem to fix the issue.

We posted at the same time. What error are you getting now?

actually, I rebooted and restarted apache2 and am still receiving the error, here is what I see now:

apache2apache2:  Could not reliably determine the server's fully qualified domain name using xxx.xxx.xxx.xx for ServerName waiting apache2:  
Could not reliably determine the servers fully qualified domain name, using xxx.xxx.xxx.xx for ServerName

Is this actually causing a functional error, as in the cert is still not working, or is it just an annoyance error? Certs are tied to FQDNs, which are tied to IP addresses, so if you have the ServerName in the config correct, it should (in theory) actually work.

Now, that said, theory never works for me.

It's weird to me that the "guessed" ServerName is now an IPv4 address, but was IPv6 before. Can you post the relevant parts of your configuration (obfuscating what you need to like you did above)?

Mike

Check what output you get from 'hostname --fqdn".
If it is not same as FQDN you want, then we need to fix this.

I am not able to recollect completely but I think /etc/hosts file needs to have an entry with hostname (i.e. out of command 'hostname')  and fqdn on same line.

How do I disable ipv6, by just commenting it out?

Here is what i have:

x.x.x.x  FPT-SERVER01  myserver.fpt.com
x.x.x.x  FPT-SERVER01  myserver.fpt.com

One is internal ip and other is external ip.....let me know if this is right.

paste below file output

/etc/sysconfig/network

Here is the output, but network is a directory in this version, this is interfaces:

# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.
# The loopback network interface
auto lo
iface lo inet loopback

# Label public
auto eth0
iface eth0 inet static
    address 141.240.231.70
    netmask 255.255.255.0
    gateway 142.240.231.1
iface eth0 inet6 static
    address 2001:4802:7801:0103:9128:887c:ff20:2cdb
    netmask 64
    gateway fe80::def
    dns-nameservers 49.20.0.164 49.20.0.196

# Label private
auto eth1
iface eth1 inet static
    address 10.176.168.90
    netmask 255.255.224.0
    dns-nameservers 49.20.0.164 49.20.0.196
    post-up route add -net 10.10.0.0 netmask 255.240.0.0 gw 10.10.160.1 || tr$
    pre-down route del -net 10.10.0.0 netmask 255.240.0.0 gw 10.10.160.1 || t$
    post-up route add -net 10.20.0.0 netmask 255.240.0.0 gw 10.10.160.1 || tr$
    pre-down route del -net 10.20.0.0 netmask 255.240.0.0 gw 10.10.160.1 || t$

First comment this section out.

iface eth0 inet6 static
    address 2001:4802:7801:0103:9128:887c:ff20:2cdb
    netmask 64
    gateway fe80::def
    dns-nameservers 49.20.0.164 49.20.0.196

and then do IPv4 specific binding in apache to avoid listening on IPv6 by web directive.

TY/SA

also the main issue I am having is even though I changed out the certs, its still showing the old self signed certificate versus the new cert I purchased.

ok commented that out; how do i do the IPv4 specific binding in apache?

okay, made this change; it gave me a few errors and the old certificate is still the one the web server is using.

i did put the path in default-ssl file, is this the only location?  I will move the old cert now and see

check conf.d/ssl.conf also..

i moved the files out of the directory and seems now apache wont start;  i moved them back and apache works.....

okay, its working now with the new cert!  Thank you