# Apache2 and server.crt does not exist.

## crkpipe1

Greetings all,

I have emerged, unmerged and remerged using every possible combination of mod_ssl, mod_php, apache, etc. . . and I cannot get apache2 to start.  

The error message being returned is as follows:

Apache2 has detected a syntax error in your configuration files:

Syntax error on line 44 of /usr/lib/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf:

SSLCertificateFile: file 'usr/lib/apache/conf/ssl/server.crt does not exist or is empty.

What is it exacly looking for, I was under the impression that ssl was built into the apache2 ebuild and would work?

Is there a certificate that needs to be generated that apache is looking for?

Any ideas, suggestions or solutions I thank you in advance for!

cb

----------

## wolvie

check the 44 of /etc/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf you should find something like

```
SSLCertificateFile /path/to/server.crt
```

check if this file (server.crt) exists and its not empty. if not exist or empty you can create a self signed certificate to bring apache up (assuming that you and ssl support for apache, if not just edit /etc/conf.d/apache and comment out the line:

```
APACHE2_OPTS="-D SSL"
```

this line can have other options like -D PHP4, if so just wipe the -D SSL from this options and start apache)

to create this certificate run

```
openssl req -new -nodes -newkey rsa:1024 -sha1 -3des -keyform PEM -keyout server.key -outform PEM -out request.pem

openssl x509 -req -in request.pem -signkey base.priv -out server.crt
```

that will generate a passwordless key and certificate, which is not that secure so if you wan't a password for this change

```
openssl req -new -nodes -newkey rsa:1024 -sha1 -3des -keyform PEM -keyout base.priv -outform PEM -out request.pem
```

to

```
openssl req -new -newkey rsa:1024 -sha1 -keyform PEM -keyout base.priv -outform PEM -out request.pem
```

and then copy the files server.crt and server.key to the path specified on /etc/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf and start apache, you can discard request.pem once the .crt file is created..

----------

## crackpipe1

Wolvie,

I tried what you have suggested and here is what happens... all I get now when I try to start apache now is the red [!!] with no error message.  

I turn off the APACHE2_OPTS="-D SSL" and apache loads [OK] what is it about ssl that apache2 is not liking?

I have unmerged and remerged in various different orders and combinations using different variables in make.conf but it only seems that I can get apache2 to work by turning off the "-D SSL" option, which of course is not good.

Any suggestions or ideas I thank you in advance for!

cb

----------

## nobspangle

check your error log to see why apache is not starting.

/var/log/apache2/error_log

----------

## Chris..S

I suspect it will be missing directory /var/cache/apache2. 

mkdir /var/cache/apache2

and you should be able to /etc/init.d/apache2 start 

I have just completed a clean install of apache2/ssl/php.  You seem to have got passed the first three changes that I needed to make.  This was the last one.  After that apache started ok.

----------

## Dagger

 *crkpipe1 wrote:*   

> Greetings all,
> 
> Apache2 has detected a syntax error in your configuration files:
> 
> Syntax error on line 44 of /usr/lib/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf:
> ...

 

Looks like your config points APACHE1 cert not APACHE2 try to change it to SSLCertificateFile: file 'usr/lib/apache2/conf/ssl/server.crt. I assume you already generated your certs.

----------

## mwalle

here's what i did to solve the errors:

```

pretty ~ # openssl req -newkey rsa:1024 -keyout server.key -nodes -x509 -out server.crt

pretty ~ # openssl req -newkey rsa:1024 -keyout server.key -nodes -x509 -out server.key

pretty ~ # mv server.crt /usr/lib/apache2/conf/ssl/server.crt

pretty ~ # mv server.key /usr/lib/apache2/conf/ssl/server.key

pretty ~ # /etc/init.d/apache2 start

 * Starting apache2 ... 

```

at which point it ends... no [ok] or [!!]... i go to http://127.0.0.1 in firefox and i get connection refused... 

So then:

```

pretty ~ # /etc/init.d/apache2 stop

 * ERROR:  "apache2" has not yet been started.

```

help?

----------

## mwalle

after an emerge --unmerge apache and then emerging it i get:

```

pretty ~ # /etc/init.d/apache2 start

 * Starting apache2 ...                                           [ !! ]

```

so naturally i check the error log so i can copy/paste it for you people, since i don't etirely understand it:

```

pretty ~ # cat /var/log/apache2/error_log

[Sat Jan 15 10:27:19 2005] [notice] Digest: generating secret for digest authentication ...

[Sat Jan 15 10:27:19 2005] [notice] Digest: done

[Sat Jan 15 10:27:20 2005] [notice] Apache/2.0.52 (Gentoo/Linux) configured -- resuming normal operations

[Sat Jan 15 14:56:45 2005] [notice] caught SIGTERM, shutting down

```

anything will help at this point. i've had apache with ssl working in the past, it just seems to be this ebuild.

thanks

----------

## rickvernam

I was having this problem, but is has gone away now.

I looked in 'ssl_error_log' for clues, mine was located at /usr/lib/apache2/logs.  Have you looked in there yet?

Here are some things I did that I think may have contributed to getting this darn thing working (my first time doing this, so I really don't know much except that I did the following and now it works)...

in /etc/conf.d/apache2.conf:

APACHE2_OPTS="-D SSL -D PHP5"

make sure to uncomment this line, I almost missed that...

in /etc/apache2/conf/modules.d/41_mod_ssl.default-vhost.conf:

line 44: SSLCertificateFile /etc/apache2/conf/ssl/server.crt

line 52: SSLCertificateKeyFile /etc/apache2/conf/ssl/server.key

server.* were generated by running the following commands in the /etc/apache2/conf/ssl folder as root.  During the processes, it asks a bunch of questions, I don't know if it matters, but I answered the questions Identically for both files:

openssl req -newkey rsa:1024 -keyout server.key -nodes -x509 -out server.crt 

openssl req -newkey rsa:1024 -keyout server.key -nodes -x509 -out server.key

I don't think I did anything else...but then again, even now only about 4 or 5 minutes after getting it to work, I don't remember...

----------

## ikshaar

Having the same problem to start apache2 (no previous apache1 was installed), I saw that the emerge ended with a warning about a missing ssl directory.

```
>>> /usr/lib/apache2/logs -> /var/log/apache2

ssl

ssl

/usr/lib/portage/bin/ebuild.sh: line 384: cd: //etc/apache2/conf/ssl: No such file or directory

 *

 * Generating self-signed test certificate in /etc/apache2/conf/ssl...

 *

>>> Regenerating /etc/ld.so.cache...

 * Caching service dependencies...

>>> net-www/apache-2.0.52-r1 merged.
```

As this certificate seems to be missing ...i would say there might be an error in ebuild or install script and it also does not detect that this certification creation failed.

(complete n00b on apache/web server, so I am really guessing here...)

PS: I just wanted to share a calendar with Webdav... i wish there was something simpler than apache2 for that...

----------

