httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "@lbutlr" <>
Subject [users@httpd] Setting up Apache 2.4 with Letsencrypt
Date Tue, 13 Feb 2018 04:54:11 GMT
I have dehydrate properly renewing certs from Let's Encrypt (which I am using successfully
for mail authentication) and I ma trying to get them working for Apache 2.4, but no luck so

I created aliases in /usr/local/etc/apache24/ pointing to the files in /usr/local/etc/dehydrated/certs/domain.tld/fullchain.pem
and privkey.pem

in httpd.conf I have:

LoadModule ssl_module libexec/apache24/

Include etc/apache24/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Listen 443
SSLPassPhraseDialog  builtin
SSLSessionCache         "dbm:/var/run/ssl_scache"
SSLSessionCacheTimeout  300

<VirtualHost _default_:443>
  DocumentRoot "/usr/local/www/roundcube"
  ErrorLog "/var/log/httpd-error.log"
  TransferLog "/var/log/httpd-access.log"
  SSLEngine on
  SSLCertificateFile "/usr/local/etc/apache24/ssl.pem"
  SSLCertificateKeyFile "/usr/local/etc/apache24/ssl.key"
  <FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
  <Directory "/usr/local/www/apache24/cgi-bin">
    SSLOptions +StdEnvVars
  CustomLog "/var/log/httpd-ssl_request.log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

 # apachectl -S shows at the end:
*:443                  is a NameVirtualHost
         default server (/usr/local/etc/apache24/extra/httpd-vhosts.conf:32)
         port 443 namevhost (/usr/local/etc/apache24/extra/httpd-vhosts.conf:32)
         port 443 namevhost (/usr/local/etc/apache24/extra/httpd-ssl.conf:83)

But I just get a failed to load error and I don't see anything helpful in the logs.

I tried removing the links in the apache24 folder and copying the .pem files (privkey.pem
to ssl.key), but still get an unable to establish secure connection error.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message