search

bitnami / vms

Bitnami VMs
https://bitnami.com
Other
206 stars 43 forks source link

[AWS LightSail Bitnami Apache] Unable to start Apache (SSL Issue) #1503

Closed jpknz7 closed 5 months ago

jpknz7 commented 5 months ago

Platform

AWS

bndiagnostic ID know more about bndiagnostic ID

6227eb9b-7d97-f831-7281-43ab9bb43798

bndiagnostic output

? Resources: Found possible issues
? Connectivity: Found possible issues
✓ Mariadb: No issues found
✓ Processes: No issues found
✓ Wordpress: No issues found
? Apache: Found possible issues
✓ Php: No issues found

bndiagnostic was not useful. Could you please tell us why?

I know what the issue is (based on the bndiagnostic) - just not how to correct it

Describe your issue as much as you can

Issue started when I revoked SSL cert as I wanted to use bncert instead of certbot (so I don't have to bother with renewals).

Initially bncert wouldn't find the installation (when I tried to run just before it found it no issues and went through the entire process but as apache fails to start - due to SSL issue - it didn't make any changes)

Have run several diags and tired several things to fully remove/turn off SSL in apache however I'm now at the point where I can't figure out what to do next.

Initial diagnostics were 76a37365-47a6-8330-3259-e4e61b5a07c8 fb4c3054-1a71-f130-7214-90f6b2fb0f8c 2cf50bc0-75a2-c59f-7048-9f25829e6b0e (this one may not have been uploaded)

The latest is 6227eb9b-7d97-f831-7281-43ab9bb43798 which shows

[Wed Apr 24 07:48:15.698281 2024] [ssl:emerg] [pid 761:tid 139717157891328] AH02572: Failed to configure at least one certificate and key for ip_address:443 [Wed Apr 24 07:48:15.701922 2024] [ssl:emerg] [pid 761:tid 139717157891328] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Wed Apr 24 07:48:15.701941 2024] [ssl:emerg] [pid 761:tid 139717157891328] AH02312: Fatal error initialising mod_ssl, exiting.

I'm aware the above says ip_address - previous logs have the domain name instead (I updated some config somewhere to use the IP instead of the domain). I know it'll be a simple bit of config somewhere to remove/modify but I can't quite figure out where that config is.

TLDR - how do I revert back to a non-SSL state in apache so I can start apache and then start again to generate the certificates for the domain in question?

Thanks

jpknz7 commented 5 months ago

All fixed and working again. Edited some more files (largly undoing what I did) and moved the default/original certs back instead of the revoked ones. bncert ran and all working now (with autorenew cron set-up).

The latest diagnostics didn't produce any issues so closing. The latest diagnostics are at 285cec35-354f-108b-6616-792c235c57b6

gongomgra commented 5 months ago

Hi @jpknz7,

Thanks for using Bitnami and for sharing your solution. I'm glad you managed to fix your issue!