I have a VPS on Linode with Ubuntu 14 and apache2 running on it. For one of the domains I host I need to use the HTTPS protocol so I followed the steps listed below to create and configure an SSL certificate issued by StartSSL. However, after doing so I can't restart apache server anymore. All steps and errors explained below:
The tutorial that I followed is on Linode SSL tutorial
I followed all the steps mentioned there to generate mydomain.com.key
in the /etc/apache2/ssl
folder. Then using the CSR I got myself a signed certificate from StartSSL which I saved in the same folder as mydomain.com.crt
. I got the startssl.cer
from StartSSL - StartCom Root CA (DER encoded) - which also I saved in the same folder.
Then in the /etc/apache2/sites-enabled/mydomain.com.conf
I pasted the following (full contents of file below):
# Admin email, Server Name (domain name), and any aliases
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.htm index.php
# Log file locations
CustomLog /home/basedir/public/mydomain.com/log/access.log combined
Now when I restart the apache server I get this error:
basedir@octane:~$ sudo service apache2 restart
* Restarting web server apache2 Action 'start' failed.
The Apache error log may have more information.
The apache error log
[Mon Dec 29 22:16:38.002012 2014] [ssl:emerg] [pid 14453] AH02311: Fatal error initialising mod_ssl, exiting. See /home/basedir/public/mifujiclark.com/log/error.log for more information
The contents of file /home/basedir/public/mydomain.com/log/error.log
[Mon Dec 29 22:16:38.001962 2014] [ssl:emerg] [pid 14453] AH01895: Unable to configure verify locations for client authentication
When I ran the command mentioned in the tutorial (seel link):
openssl req -newkey rsa:2048 -days 365 -nodes -keyout mydomain.com.key -out mydomain.com.csr
There was a step that asked me my
FQDN (Fully Qualified Domain Name) or Common Name (eg, YOUR name) :
There I put in octane.myotherdomain.com (which is my server's principal domain)
Since when I installed my VPS that was the FQDN I used for several other things. Is that responsible for the mess?
Did I need to put in "mydomain.com" instead of "octane.myotherdomain.com"
in that field when I ran the command?
at present my ports.conf looks like this:
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
# NameVirtualHost *:80
# NameVirtualHost *:443
By the way I don't think gnutls is installed as I did not find it in the /etc/apache2/mods-available/
Looking on the internet I found some information regarding NameBasedSSLVHostsWithSNI here
Is this relevant for my case? Do you think I need the server configuration shown on this link? And if so, in which file do I put it?
Sorry about the muddled question but basically the problem is that since I created the SSL certificated and installed it I can't restart my apache server and I've looked everywhere but I can't figure out what I am doing wrong.
Please help. All assistance will be highly appreciated.