Solved

Apache2 error message

Posted on 2014-02-16
22
449 Views
Last Modified: 2014-02-17
After installing an SSL certificate from a cert authority, apache2 now restarts although I get this message:

Could not reliably determine the servers fully qualified domain name, using 2001:4325:4332:432:4321:432d:dd43:3fss for ServerName

I am using a domain name, but not sure if i need to put this somewhere or how I can resolve this message.
0
Comment
Question by:Jack_son_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
  • 3
  • +2
22 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 39863695
you need to define the host name in /etc/hosts
reload/restart apache and it should go away
0
 

Author Comment

by:Jack_son_
ID: 39863802
okay, that fixed this issue; but seems like it also is still only seeing the old certificate and not the new one.  I have updated the path to the new cert in default-ssl file but didnt seem to fix the issue.
0
 
LVL 12

Assisted Solution

by:junipllc
junipllc earned 100 total points
ID: 39863807
Put the directive:

ServerName hostname.example.com

into your apache2.conf or httpd.conf. Ubuntu uses apache2.conf and CentOS uses httpd.conf.

Of course, hostname.example.com should be your actual FQDN.

I believe this will remove the error, but I can't be sure since I don't know any more details about your particular setup. Try it first and if it doesn't work, post back.

Best,

Michael
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 12

Expert Comment

by:junipllc
ID: 39863810
We posted at the same time. What error are you getting now?
0
 

Author Comment

by:Jack_son_
ID: 39863832
actually, I rebooted and restarted apache2 and am still receiving the error, here is what I see now:

apache2apache2:  Could not reliably determine the server's fully qualified domain name using xxx.xxx.xxx.xx for ServerName waiting apache2:  
Could not reliably determine the servers fully qualified domain name, using xxx.xxx.xxx.xx for ServerName
0
 
LVL 12

Expert Comment

by:junipllc
ID: 39863854
Is this actually causing a functional error, as in the cert is still not working, or is it just an annoyance error? Certs are tied to FQDNs, which are tied to IP addresses, so if you have the ServerName in the config correct, it should (in theory) actually work.

Now, that said, theory never works for me.

It's weird to me that the "guessed" ServerName is now an IPv4 address, but was IPv6 before. Can you post the relevant parts of your configuration (obfuscating what you need to like you did above)?

Mike
0
 
LVL 2

Expert Comment

by:c_kedar
ID: 39864194
Check what output you get from 'hostname --fqdn".
If it is not same as FQDN you want, then we need to fix this.

I am not able to recollect completely but I think /etc/hosts file needs to have an entry with hostname (i.e. out of command 'hostname')  and fqdn on same line.
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 400 total points
ID: 39864411
if you are not using IPv6 then disable it under /etc/sysconfig/network and also opt out apache <directive> from using the IPv6.

TY/SA
0
 

Author Comment

by:Jack_son_
ID: 39864501
How do I disable ipv6, by just commenting it out?

Here is what i have:

x.x.x.x  FPT-SERVER01  myserver.fpt.com
x.x.x.x  FPT-SERVER01  myserver.fpt.com

One is internal ip and other is external ip.....let me know if this is right.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39864543
paste below file output

/etc/sysconfig/network
0
 

Author Comment

by:Jack_son_
ID: 39864598
Here is the output, but network is a directory in this version, this is interfaces:

# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.
# The loopback network interface
auto lo
iface lo inet loopback

# Label public
auto eth0
iface eth0 inet static
    address 141.240.231.70
    netmask 255.255.255.0
    gateway 142.240.231.1
iface eth0 inet6 static
    address 2001:4802:7801:0103:9128:887c:ff20:2cdb
    netmask 64
    gateway fe80::def
    dns-nameservers 49.20.0.164 49.20.0.196

# Label private
auto eth1
iface eth1 inet static
    address 10.176.168.90
    netmask 255.255.224.0
    dns-nameservers 49.20.0.164 49.20.0.196
    post-up route add -net 10.10.0.0 netmask 255.240.0.0 gw 10.10.160.1 || tr$
    pre-down route del -net 10.10.0.0 netmask 255.240.0.0 gw 10.10.160.1 || t$
    post-up route add -net 10.20.0.0 netmask 255.240.0.0 gw 10.10.160.1 || tr$
    pre-down route del -net 10.20.0.0 netmask 255.240.0.0 gw 10.10.160.1 || t$
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39864604
First comment this section out.

iface eth0 inet6 static
    address 2001:4802:7801:0103:9128:887c:ff20:2cdb
    netmask 64
    gateway fe80::def
    dns-nameservers 49.20.0.164 49.20.0.196

and then do IPv4 specific binding in apache to avoid listening on IPv6 by web directive.

TY/SA
0
 

Author Comment

by:Jack_son_
ID: 39864610
also the main issue I am having is even though I changed out the certs, its still showing the old self signed certificate versus the new cert I purchased.
0
 

Author Comment

by:Jack_son_
ID: 39864653
ok commented that out; how do i do the IPv4 specific binding in apache?
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 400 total points
ID: 39864666
instead of <VirtualHost *:80>  use <VirtualHost IP:80>
0
 

Author Comment

by:Jack_son_
ID: 39864692
okay, made this change; it gave me a few errors and the old certificate is still the one the web server is using.
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 400 total points
ID: 39864704
Did you specify the new cert location in web directive ? Move old certificate from the directory including keys.

TY/SA
0
 

Author Comment

by:Jack_son_
ID: 39864712
i did put the path in default-ssl file, is this the only location?  I will move the old cert now and see
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39864715
check conf.d/ssl.conf also..
0
 

Author Comment

by:Jack_son_
ID: 39864726
i moved the files out of the directory and seems now apache wont start;  i moved them back and apache works.....
0
 
LVL 13

Accepted Solution

by:
Sandy earned 400 total points
ID: 39864797
That means Apache still looking for old certs hence you need to search their entry in conf file and modify to use the new cert.

TY/SA
0
 

Author Comment

by:Jack_son_
ID: 39864851
okay, its working now with the new cert!  Thank you
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to use question mark (?) in filename with html 25 100
Linux mount of Windows Shared Now Fails 8 115
PHP error function not working on AWS 10 127
Windows 10 linux VM 18 41
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question