Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] apache failing to start - err diag in ssl_error_log
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
lyallp
Veteran
Veteran


Joined: 15 Jul 2004
Posts: 1597
Location: Adelaide/Australia

PostPosted: Mon Feb 05, 2024 11:42 am    Post subject: [Solved] apache failing to start - err diag in ssl_error_log Reply with quote

I rebooted my Gentoo linux desktop machine, for no particular reason for the first time in a week or so.

Now, my apache server does not start.

After some searching, I finally found an error message in /var/log/apache/ssl_error_log

Code:

AH02562: Failed to configure certificate Lyalls-PC:443:0 (with chain), check /etc/ssl/apache2/server.crt
SSL Library Error: error:0A00018F:SSL routines::ee key too small


I tried simply re-emerging apache, hoping that this would sort the problem out.

I tried renewing my certs with Lets Encrypt using the certbot.sh script.

It's something to do with my self signed certifcates being too small, which, quite frankly, I couldn't give a toss about.

If I knew how to set my SSL Security level down so this problem would go away, I would.

What do I have to do to get things going again?

Assistance would be appreciated.

:)

Latest stable desktop Gentoo.

Apache 2.4.58
OpenSSL 3.2.1-r1
_________________
...Lyall


Last edited by lyallp on Mon Feb 05, 2024 12:10 pm; edited 1 time in total
Back to top
View user's profile Send private message
lyallp
Veteran
Veteran


Joined: 15 Jul 2004
Posts: 1597
Location: Adelaide/Australia

PostPosted: Mon Feb 05, 2024 12:09 pm    Post subject: Reply with quote

Fixed.
Regenerated the server cert as per https://forums.gentoo.org/viewtopic-p-6050728.html?sid=cbbe34ea29d2b804250eb985f879118d
_________________
...Lyall
Back to top
View user's profile Send private message
lyallp
Veteran
Veteran


Joined: 15 Jul 2004
Posts: 1597
Location: Adelaide/Australia

PostPosted: Thu Feb 15, 2024 3:52 am    Post subject: Reply with quote

Additional info, I went to the LetsEncrypt apache configuration - and it appears my LetsEncrypt config was lost somehow.

Following the settings in LetsEncrypt fixed my problem, meaning I did not have to re-build my local certificates, which are untrusted externally.
_________________
...Lyall
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum