SSL証明書の使用に問題があります。
Let's Encrypt証明書を使用していますが、すべてが正常です。 DigiCertが発行した証明書に切り替えようとしていますが、再び機能しないようです。 httpdは起動しません。
正しい方向を示すために、フィードバック、コメント、質問などを提供してください。
#systemctl httpd.service 再起動
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xeu httpd.service" for details.
$journalctl -xeu httpd.service
Jun 14 16:30:01 www systemd[1]: Starting The Apache HTTP Server...
░░ Subject: A start job for unit httpd.service has begun execution
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ A start job for unit httpd.service has begun execution.
░░
░░ The job identifier is 35150873.
Jun 14 16:30:01 www systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ An ExecStart= process belonging to unit httpd.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Jun 14 16:30:01 www systemd[1]: httpd.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ The unit httpd.service has entered the 'failed' state with result 'exit-code'.
Jun 14 16:30:01 www systemd[1]: Failed to start The Apache HTTP Server.
░░ Subject: A start job for unit httpd.service has failed
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ A start job for unit httpd.service has finished with a failure.
░░
░░ The job identifier is 35150873 and the job result is failed.
$systemctl ステータス httpd.service
× httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─php-fpm.conf
Active: failed (Result: exit-code) since Wed 2023-06-14 16:10:08 EDT; 6s ago
Duration: 23h 48min 30.301s
Docs: man:httpd.service(8)
Process: 3216240 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 3216240 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
CPU: 39ms
Jun 14 16:10:08 www systemd[1]: Starting The Apache HTTP Server...
Jun 14 16:10:08 www systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Jun 14 16:10:08 www systemd[1]: httpd.service: Failed with result 'exit-code'.
Jun 14 16:10:08 www systemd[1]: Failed to start The Apache HTTP Server.
ssl.confの内容は次のとおりです。
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLCryptoDevice builtin
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ServerName www:443
mydomain.confの内容は次のとおりです。
ServerAdmin [email protected]
ServerName www.mydomain.com
ServerAlias mydomain.com
DocumentRoot /var/www/html/mydomain.com
<Directory "/var/www/html/mydomain.com">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog "logs/error_log_mydomain.com"
CustomLog "logs/access_log_mydomain.com" combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =prod.mydomain.com [OR]
RewriteCond %{SERVER_NAME} =mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName www.mydomain.com
ServerAlias mydomain.com
DocumentRoot /var/www/html/mydomain.com
<Directory "/var/www/html/mydomain.com">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/prod.mydomain.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/prod.mydomain.com.key
SSLCACertificateFile /etc/pki/tls/certs/DigiCertCA.crt
</VirtualHost>
$http -t
Syntax OK
$cat /var/log/httpd/error_log
[Wed Jun 14 12:36:20.378579 2023] [core:notice] [pid 3210863:tid 3210863] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Jun 14 12:36:20.379481 2023] [suexec:notice] [pid 3210863:tid 3210863] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jun 14 12:36:20.381647 2023] [ssl:emerg] [pid 3210863:tid 3210863] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
AH00016: Configuration Failed
#cat /var/log/httpd/ssl_error_log
[Wed Jun 14 16:30:01.562719 2023] [core:notice] [pid 3216760:tid 3216760] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Jun 14 16:30:01.563467 2023] [suexec:notice] [pid 3216760:tid 3216760] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jun 14 16:30:01.565223 2023] [ssl:emerg] [pid 3216760:tid 3216760] AH02572: Failed to configure at least one certificate and key for www:443
[Wed Jun 14 16:30:01.565244 2023] [ssl:emerg] [pid 3216760:tid 3216760] SSL Library Error: error:0A0000B1:SSL routines::no certificate assigned
[Wed Jun 14 16:30:01.565249 2023] [ssl:emerg] [pid 3216760:tid 3216760] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed