apache2ctl configtest does not include checking SSL certificates
Today I renewed some of my SSL certificates and suddenly Apache2 was no longer starting. A apache2ctl configtest
says all was fine. So I checked log files but found that there was a configuration error, which I wonder why the two different messages can happen.
As it turned out, one of the PEM files only contained DH parameters and no real certificate. After I added the cert block from a backup, the apache2 started again. After a renewing of the certificate, I can again access my SSL-secured website again (it is my personal #invidious proxy).
I wanted to share this with you, including !Friendica Admins to save you a lot of time investigating it. So apache2ctl configtest
does NOT check validity of SSL certificates but on startup of Apache2 they are being checked.
Friendica Admins reshared this.
Roland Häder🇩🇪
Unknown parent • •tiny-acme
and my LE stuff is in/var/www/letsencrypt/
including shell scripts and thea ACME client.Roland Häder🇩🇪
Unknown parent • •./renew_cert.sh friendica
or any other name as it is the same for certificate file andopenssl-friendica.cnf
file. I then need to restart proper services, e.g. formail
I restart both Postfix and Courier.