Unable To Start Apache Services In Oracle Linux 7 Server

(Doc ID 2336960.1)

Last updated on DECEMBER 11, 2017

Applies to:

Linux OS - Version Oracle Linux 7.2 with Unbreakable Enterprise Kerne [3.8.13] and later
Information in this document applies to any platform.

Symptoms

Service httpd failed with the following error :

[root@server certs]# systemctl start httpd
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

 

[root@server certs]# systemctl status httpd.service
‚óŹ httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2017-12-05 09:21:55 EST; 5s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 11433 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
Process: 23516 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=1/FAILURE)
Process: 11429 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 11429 (code=exited, status=1/FAILURE)

Dec 05 09:21:54 server systemd[1]: Starting The Apache HTTP Server...
Dec 05 09:21:54 server systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Dec 05 09:21:55 server kill[11433]: kill: cannot find process ""
Dec 05 09:21:55 server systemd[1]: httpd.service: control process exited, code=exited status=1
Dec 05 09:21:55 server systemd[1]: Failed to start The Apache HTTP Server.
Dec 05 09:21:55 server systemd[1]: Unit httpd.service entered failed state.
Dec 05 09:21:55 server systemd[1]: httpd.service failed.

#cat /var/log/httpd/error_log

[Tue Dec 05 09:21:54.940942 2017] [core:notice] [pid 11429] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Tue Dec 05 09:21:54.942328 2017] [suexec:notice] [pid 11429] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Dec 05 09:21:54.942710 2017] [ssl:emerg] [pid 11429] AH02241: Init: Unable to read server certificate from file /etc/pki/tls/certs/uatis.olympus-osta.com.crt
[Tue Dec 05 09:21:54.942762 2017] [ssl:emerg] [pid 11429] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Tue Dec 05 09:21:54.942780 2017] [ssl:emerg] [pid 11429] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=X509)
[Tue Dec 05 09:21:54.942788 2017] [ssl:emerg] [pid 11429] AH02312: Fatal error initialising mod_ssl, exiting.

Correct path of CSR cert in ssl.conf:
# ll *.crt
-rw-r-----. 1 root root 1035 Dec 4 22:32 xxx.com.crt
# pwd
/etc/pki/tls/certs

Path given in ssl.conf file is correct:
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/xxx.com.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/xxx.com.key

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms