Apache 无法启动 err_log提示SSL Library Error: -8181 Certificate has expired
来源:互联网 发布:淘宝客服怎么引导客户 编辑:程序博客网 时间:2024/06/06 12:37
原本一直正常运行的apache服务器,今天无法正常重启,检查http.conf及其他设置并无修改,按log提示是由于SSL证书过期导致无法正常启动,处理方法如下:
查看error_log发现以下提示信息(意思是证书过期)
[Thu Feb 07 05:17:42 2013] [error] Certificate not verified: 'Server-Cert'
[Thu Feb 07 05:17:42 2013] [error] SSL Library Error: -8181 Certificate has expired
[Thu Feb 07 05:17:42 2013] [error] Unable to verify certificate 'Server-Cert'. Add "NSSEnforceValidCerts off" to nss.conf so the server can start until the problem can be resolved.
一,处理办法
按上面信息提示,可先设置禁止检查证书,待更新证书后再取消此设置,操作方法:
在/etc/httpd/conf.d/nss.conf中加入NSSEnforceValidCerts off此行设置
但由于证书过期,我们需要处理的事情是更新证书,方法如下:
1,先查看证书是否过期
引用
# certutil -d /etc/httpd/alias -L -n Server-Cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: PKCS #1 MD5 With RSA Encryption
Issuer: "CN=Certificate Shack,O=example.com,C=US"
Validity:
Not Before: Mon Dec 01 10:43:20 2008
Not After : Sat Dec 01 10:43:20 2012
2,清除旧的证书,并更新证书
引用
# cd /etc/httpd/alias
# rm -f *.db
# /usr/sbin/gencert /etc/httpd/alias > /etc/httpd/alias/install.log 2>&1
# certutil -d /etc/httpd/alias -L -n Server-Cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
Issuer: "CN=Certificate Shack,O=example.com,C=US"
Validity:
Not Before: Thu Feb 07 07:02:53 2013
Not After : Tue Feb 07 07:02:53 2017
3,最后需要修改新的证书的权限
chown root.apache /etc/httpd/alias/*.db
chmod 0640 /etc/httpd/alias/*.db
- Apache 无法启动 err_log提示SSL Library Error: -8181 Certificate has expired
- Github git clone error: Peer's Certificate has expired
- CentOS6—启动httpd失败—Certificate has expired
- apache无法启动,提示the reques poeration has failed
- apache无法启动,提示the requested operation has failed
- Apache无法启动,提示“the requested operation has failed”
- Apache无法启动提示the requested operation has failed
- Xcode Error " The certificate used to sign "XXX" has either expired or has been revoked"
- iOS开发问题---调试提示The certificate used to sign “appName” has either expired or has been revoked.
- SVN Fixing “SSL handshake failed: SSL error: Key usage violation in certificate has been detected.”
- SSL handshake failed: SSL error: Key usage violation in certificate has been detected.
- centos svn checkout 错误 SSL handshake failed: SSL error: Key usage violation in certificate has bee
- Certificate has either expired or has been revoked
- Error: generating final archive:Debug certificate expired
- apache无法启动提示the requested operation has failed的解决方法
- apache无法启动提示the requested operation has failed的解决方法
- 报错:Apache提示 the requested operation has failed无法启动问题
- MyEclipse无法启动 ,弹出提示框---An error has occurred. See the log file
- 从技术到管理续:Zoho用户大会剧透
- 利用websocket实现android消息推送
- OpenCV学习笔记——VideoWriter生成视频流highgui
- 如何用形象的比喻描述大数据的技术生态?Hadoop、Hive、Spark 之间是什么关系?
- 怎么实现word与PDF文档的转换
- Apache 无法启动 err_log提示SSL Library Error: -8181 Certificate has expired
- 中文分词算法 之 基于词典的全切分算法(有点儿柱搜索的味道)
- 同一台服务器上部署多个tomcat程序
- java根据时间生成唯一ID
- 将andriod应用安装为系统应用
- IAR 编译器下如何生成*.Lib文件
- 《Linux实践及应用》
- Exception in thread "main" java.lang.NoClassDefFoundError: com/sun/mail/util/LineInputStream
- 解决“只能通过Chrome网上应用商店安装该程序”的方法