Closed jpknz7 closed 5 months ago
All fixed and working again. Edited some more files (largly undoing what I did) and moved the default/original certs back instead of the revoked ones. bncert ran and all working now (with autorenew cron set-up).
The latest diagnostics didn't produce any issues so closing. The latest diagnostics are at 285cec35-354f-108b-6616-792c235c57b6
Hi @jpknz7,
Thanks for using Bitnami and for sharing your solution. I'm glad you managed to fix your issue!
Platform
AWS
bndiagnostic ID know more about bndiagnostic ID
6227eb9b-7d97-f831-7281-43ab9bb43798
bndiagnostic output
bndiagnostic was not useful. Could you please tell us why?
I know what the issue is (based on the bndiagnostic) - just not how to correct it
Describe your issue as much as you can
Issue started when I revoked SSL cert as I wanted to use bncert instead of certbot (so I don't have to bother with renewals).
Initially bncert wouldn't find the installation (when I tried to run just before it found it no issues and went through the entire process but as apache fails to start - due to SSL issue - it didn't make any changes)
Have run several diags and tired several things to fully remove/turn off SSL in apache however I'm now at the point where I can't figure out what to do next.
Initial diagnostics were 76a37365-47a6-8330-3259-e4e61b5a07c8 fb4c3054-1a71-f130-7214-90f6b2fb0f8c 2cf50bc0-75a2-c59f-7048-9f25829e6b0e (this one may not have been uploaded)
The latest is 6227eb9b-7d97-f831-7281-43ab9bb43798 which shows
[Wed Apr 24 07:48:15.698281 2024] [ssl:emerg] [pid 761:tid 139717157891328] AH02572: Failed to configure at least one certificate and key for ip_address:443 [Wed Apr 24 07:48:15.701922 2024] [ssl:emerg] [pid 761:tid 139717157891328] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Apr 24 07:48:15.701941 2024] [ssl:emerg] [pid 761:tid 139717157891328] AH02312: Fatal error initialising mod_ssl, exiting.
I'm aware the above says ip_address - previous logs have the domain name instead (I updated some config somewhere to use the IP instead of the domain). I know it'll be a simple bit of config somewhere to remove/modify but I can't quite figure out where that config is.
TLDR - how do I revert back to a non-SSL state in apache so I can start apache and then start again to generate the certificates for the domain in question?
Thanks