Apache HTTP サーバーを起動できません。

Apache HTTP サーバーを起動できません。

SSL証明書の使用に問題があります。

Let's Encrypt証明書を使用していますが、すべてが正常です。 DigiCertが発行した証明書に切り替えようとしていますが、再び機能しないようです。 httpdは起動しません。

正しい方向を示すために、フィードバック、コメント、質問などを提供してください。

#systemctl httpd.service 再起動

Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xeu httpd.service" for details.

$journalctl -xeu httpd.service

Jun 14 16:30:01 www systemd[1]: Starting The Apache HTTP Server...
░░ Subject: A start job for unit httpd.service has begun execution
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ A start job for unit httpd.service has begun execution.
░░
░░ The job identifier is 35150873.
Jun 14 16:30:01 www systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ An ExecStart= process belonging to unit httpd.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Jun 14 16:30:01 www systemd[1]: httpd.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ The unit httpd.service has entered the 'failed' state with result 'exit-code'.
Jun 14 16:30:01 www systemd[1]: Failed to start The Apache HTTP Server.
░░ Subject: A start job for unit httpd.service has failed
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ A start job for unit httpd.service has finished with a failure.
░░
░░ The job identifier is 35150873 and the job result is failed.

$systemctl ステータス httpd.service

× httpd.service - The Apache HTTP Server
     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
    Drop-In: /usr/lib/systemd/system/httpd.service.d
             └─php-fpm.conf
     Active: failed (Result: exit-code) since Wed 2023-06-14 16:10:08 EDT; 6s ago
   Duration: 23h 48min 30.301s
       Docs: man:httpd.service(8)
    Process: 3216240 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
   Main PID: 3216240 (code=exited, status=1/FAILURE)
     Status: "Reading configuration..."
        CPU: 39ms

Jun 14 16:10:08 www systemd[1]: Starting The Apache HTTP Server...
Jun 14 16:10:08 www systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Jun 14 16:10:08 www systemd[1]: httpd.service: Failed with result 'exit-code'.
Jun 14 16:10:08 www systemd[1]: Failed to start The Apache HTTP Server.

ssl.confの内容は次のとおりです。

SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout  300
SSLCryptoDevice builtin

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

ServerName www:443

mydomain.confの内容は次のとおりです。

ServerAdmin [email protected]
  ServerName www.mydomain.com
  ServerAlias mydomain.com
  DocumentRoot /var/www/html/mydomain.com
  <Directory "/var/www/html/mydomain.com">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>
  ErrorLog "logs/error_log_mydomain.com"
  CustomLog "logs/access_log_mydomain.com" combined
  RewriteEngine on
  RewriteCond %{SERVER_NAME} =prod.mydomain.com [OR]
  RewriteCond %{SERVER_NAME} =mydomain.com
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
  ServerName www.mydomain.com
  ServerAlias mydomain.com
  DocumentRoot /var/www/html/mydomain.com
  <Directory "/var/www/html/mydomain.com">
    Options FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
  </Directory>

  SSLEngine on

  SSLCertificateFile /etc/pki/tls/certs/prod.mydomain.com.crt
  SSLCertificateKeyFile /etc/pki/tls/private/prod.mydomain.com.key
  SSLCACertificateFile /etc/pki/tls/certs/DigiCertCA.crt
</VirtualHost>

$http -t

Syntax OK

$cat /var/log/httpd/error_log

[Wed Jun 14 12:36:20.378579 2023] [core:notice] [pid 3210863:tid 3210863] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Jun 14 12:36:20.379481 2023] [suexec:notice] [pid 3210863:tid 3210863] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jun 14 12:36:20.381647 2023] [ssl:emerg] [pid 3210863:tid 3210863] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
AH00016: Configuration Failed

#cat /var/log/httpd/ssl_error_log

[Wed Jun 14 16:30:01.562719 2023] [core:notice] [pid 3216760:tid 3216760] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Jun 14 16:30:01.563467 2023] [suexec:notice] [pid 3216760:tid 3216760] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jun 14 16:30:01.565223 2023] [ssl:emerg] [pid 3216760:tid 3216760] AH02572: Failed to configure at least one certificate and key for www:443
[Wed Jun 14 16:30:01.565244 2023] [ssl:emerg] [pid 3216760:tid 3216760] SSL Library Error: error:0A0000B1:SSL routines::no certificate assigned
[Wed Jun 14 16:30:01.565249 2023] [ssl:emerg] [pid 3216760:tid 3216760] AH02312: Fatal error initialising mod_ssl, exiting.
AH00016: Configuration Failed

関連情報