Avamar: IDPA: SSLCertificateChainFile:file '/etc/apache2/ssl.crt/ca.crt' does not exist or is empty
Summary: Unable to log in to web page as apache2 service is down.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
The apache2 startup fails with the error below
root@avamar:~/#: service apache2 start Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details. root@avamar:~/#: root@avamar:~/#: systemctl status apache2.service ● apache2.service - The Apache Webserver Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Thu 2024-08-29 00:59:41 CDT; 7s ago Process: 23284 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop (code=exited, status=0/SUCCESS) Process: 25781 ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful (code=exited, status=0/SUCCESS) Process: 23371 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start (code=exited, status=1/FAILURE) Main PID: 23371 (code=exited, status=1/FAILURE) Status: "Reading configuration..." Aug 29 00:59:41 avamar systemd[1]: Starting The Apache Webserver... Aug 29 00:59:41 avamar start_apache2[23371]: AH00526: Syntax error on line 5 of /etc/apache2/vhosts.d/sslcert.cnf: Aug 29 00:59:41 avamar start_apache2[23371]: SSLCertificateChainFile: file '/etc/apache2/ssl.crt/ca.crt' does not exist or is empty Aug 29 00:59:41 avamar systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE Aug 29 00:59:41 avamar systemd[1]: Failed to start The Apache Webserver. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Unit entered failed state. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Failed with result 'exit-code'. root@avamar:~/#: root@avamar:~/#: journalctl -xe Aug 29 00:05:16 avamar sshd[15591]: pam_unix(sshd:session): session opened for user admin by (uid=0) Aug 29 00:05:16 avamar sshd[15598]: Received disconnect from 10.241.170.118 port 41286:11: disconnected by user Aug 29 00:05:16 avamar sshd[15598]: Disconnected from user admin 10.241.170.118 port 41286 Aug 29 00:05:16 avamar sshd[15591]: pam_unix(sshd:session): session closed for user admin Aug 29 00:05:16 avamar sudo[15669]: admin : TTY=unknown ; PWD=/usr/local/avamar ; USER=root ; COMMAND=/usr/local/avamar/bin/createFSLink.pl --rptSiteLogDisplay Aug 29 00:05:16 avamar sudo[15669]: pam_unix(sudo:session): session opened for user root by (uid=0) Aug 29 00:05:17 avamar sudo[15669]: pam_unix(sudo:session): session closed for user root Aug 29 00:15:01 avamar cron[16832]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:15:01 avamar CRON[16832]: pam_unix(crond:session): session closed for user root Aug 29 00:30:01 avamar cron[18812]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:30:04 avamar CRON[18812]: pam_unix(crond:session): session closed for user root Aug 29 00:45:01 avamar cron[21412]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:45:01 avamar CRON[21412]: pam_unix(crond:session): session closed for user root Aug 29 00:50:00 avamar sudo[21977]: avi : TTY=unknown ; PWD=/space/home/avi ; USER=root ; COMMAND=/usr/local/avamar/lib/avi/avi_secure.sh -aviflush Aug 29 00:50:00 avamar sudo[21977]: pam_unix(sudo:session): session opened for user root by (uid=0) Aug 29 00:50:01 avamar su[22058]: (to admin) root on none Aug 29 00:50:01 avamar su[22058]: pam_unix(su-l:session): session opened for user admin by (uid=0) Aug 29 00:50:03 avamar su[22058]: pam_unix(su-l:session): session closed for user admin Aug 29 00:50:07 avamar sudo[21977]: pam_unix(sudo:session): session closed for user root Aug 29 00:58:18 avamar sshd[23037]: rexec line 152: Deprecated option UsePrivilegeSeparation Aug 29 00:58:20 avamar sshd[23037]: Accepted keyboard-interactive/pam for admin from 10.87.192.145 port 49710 ssh2 Aug 29 00:58:20 avamar sshd[23037]: pam_unix(sshd:session): session opened for user admin by (uid=0) Aug 29 00:58:55 avamar su[23161]: (to root) admin on pts/0 Aug 29 00:58:55 avamar su[23161]: pam_unix(su-l:session): session opened for user root by admin(uid=500) Aug 29 00:59:20 avamar systemd[1]: Stopping The Apache Webserver... -- Subject: Unit apache2.service has begun shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has begun shutting down. Aug 29 00:59:22 avamar systemd[1]: Stopped The Apache Webserver. -- Subject: Unit apache2.service has finished shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has finished shutting down. Aug 29 00:59:41 avamar systemd[1]: Starting The Apache Webserver... -- Subject: Unit apache2.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has begun starting up. Aug 29 00:59:41 avamar start_apache2[23371]: AH00526: Syntax error on line 5 of /etc/apache2/vhosts.d/sslcert.cnf: Aug 29 00:59:41 avamar start_apache2[23371]: SSLCertificateChainFile: file '/etc/apache2/ssl.crt/ca.crt' does not exist or is empty Aug 29 00:59:41 avamar systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE Aug 29 00:59:41 avamar systemd[1]: Failed to start The Apache Webserver. -- Subject: Unit apache2.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has failed. -- -- The result is failed. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Unit entered failed state. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Failed with result 'exit-code'.
Cause
There is no ca.crt (if there is self-signed certificates)
Due to this, apache2 service fails to load the ca.crt.
Due to this, apache2 service fails to load the ca.crt.
Resolution
As a root user
1) Start apache2 service
If the startup fails, then continue further.
2) Check the apache2 service status
3) Navigate to sslcert.cnf
4) Comment out ca.crt
5) Start apache2 service
1) Start apache2 service
service apache2 start
If the startup fails, then continue further.
2) Check the apache2 service status
systemctl status apache2.service journalctl -xe
The error below is seen.
root@avamar:~/#: systemctl status apache2.service ● apache2.service - The Apache Webserver Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Thu 2024-08-29 00:59:41 CDT; 7s ago Process: 23284 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop (code=exited, status=0/SUCCESS) Process: 25781 ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful (code=exited, status=0/SUCCESS) Process: 23371 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k start (code=exited, status=1/FAILURE) Main PID: 23371 (code=exited, status=1/FAILURE) Status: "Reading configuration..." Aug 29 00:59:41 avamar systemd[1]: Starting The Apache Webserver... Aug 29 00:59:41 avamar start_apache2[23371]: AH00526: Syntax error on line 5 of /etc/apache2/vhosts.d/sslcert.cnf: Aug 29 00:59:41 avamar start_apache2[23371]: SSLCertificateChainFile: file '/etc/apache2/ssl.crt/ca.crt' does not exist or is empty Aug 29 00:59:41 avamar systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE Aug 29 00:59:41 avamar systemd[1]: Failed to start The Apache Webserver. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Unit entered failed state. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Failed with result 'exit-code'. root@avamar:~/#: root@avamar:~/#: journalctl -xe Aug 29 00:05:16 avamar sshd[15591]: pam_unix(sshd:session): session opened for user admin by (uid=0) Aug 29 00:05:16 avamar sshd[15598]: Received disconnect from 10.241.170.118 port 41286:11: disconnected by user Aug 29 00:05:16 avamar sshd[15598]: Disconnected from user admin 10.241.170.118 port 41286 Aug 29 00:05:16 avamar sshd[15591]: pam_unix(sshd:session): session closed for user admin Aug 29 00:05:16 avamar sudo[15669]: admin : TTY=unknown ; PWD=/usr/local/avamar ; USER=root ; COMMAND=/usr/local/avamar/bin/createFSLink.pl --rptSiteLogDisplay Aug 29 00:05:16 avamar sudo[15669]: pam_unix(sudo:session): session opened for user root by (uid=0) Aug 29 00:05:17 avamar sudo[15669]: pam_unix(sudo:session): session closed for user root Aug 29 00:15:01 avamar cron[16832]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:15:01 avamar CRON[16832]: pam_unix(crond:session): session closed for user root Aug 29 00:30:01 avamar cron[18812]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:30:04 avamar CRON[18812]: pam_unix(crond:session): session closed for user root Aug 29 00:45:01 avamar cron[21412]: pam_unix(crond:session): session opened for user root by (uid=0) Aug 29 00:45:01 avamar CRON[21412]: pam_unix(crond:session): session closed for user root Aug 29 00:50:00 avamar sudo[21977]: avi : TTY=unknown ; PWD=/space/home/avi ; USER=root ; COMMAND=/usr/local/avamar/lib/avi/avi_secure.sh -aviflush Aug 29 00:50:00 avamar sudo[21977]: pam_unix(sudo:session): session opened for user root by (uid=0) Aug 29 00:50:01 avamar su[22058]: (to admin) root on none Aug 29 00:50:01 avamar su[22058]: pam_unix(su-l:session): session opened for user admin by (uid=0) Aug 29 00:50:03 avamar su[22058]: pam_unix(su-l:session): session closed for user admin Aug 29 00:50:07 avamar sudo[21977]: pam_unix(sudo:session): session closed for user root Aug 29 00:58:18 avamar sshd[23037]: rexec line 152: Deprecated option UsePrivilegeSeparation Aug 29 00:58:20 avamar sshd[23037]: Accepted keyboard-interactive/pam for admin from 10.87.192.145 port 49710 ssh2 Aug 29 00:58:20 avamar sshd[23037]: pam_unix(sshd:session): session opened for user admin by (uid=0) Aug 29 00:58:55 avamar su[23161]: (to root) admin on pts/0 Aug 29 00:58:55 avamar su[23161]: pam_unix(su-l:session): session opened for user root by admin(uid=500) Aug 29 00:59:20 avamar systemd[1]: Stopping The Apache Webserver... -- Subject: Unit apache2.service has begun shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has begun shutting down. Aug 29 00:59:22 avamar systemd[1]: Stopped The Apache Webserver. -- Subject: Unit apache2.service has finished shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has finished shutting down. Aug 29 00:59:41 avamar systemd[1]: Starting The Apache Webserver... -- Subject: Unit apache2.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has begun starting up. Aug 29 00:59:41 avamar start_apache2[23371]: AH00526: Syntax error on line 5 of /etc/apache2/vhosts.d/sslcert.cnf: Aug 29 00:59:41 avamar start_apache2[23371]: SSLCertificateChainFile: file '/etc/apache2/ssl.crt/ca.crt' does not exist or is empty Aug 29 00:59:41 avamar systemd[1]: apache2.service: Main process exited, code=exited, status=1/FAILURE Aug 29 00:59:41 avamar systemd[1]: Failed to start The Apache Webserver. -- Subject: Unit apache2.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apache2.service has failed. -- -- The result is failed. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Unit entered failed state. Aug 29 00:59:41 avamar systemd[1]: apache2.service: Failed with result 'exit-code'.
3) Navigate to sslcert.cnf
cd /etc/apache2/vhosts.d/sslcert.cnf
4) Comment out ca.crt
Before:
root@avamar:/etc/apache2/ssl.crt/#: cat /etc/apache2/vhosts.d/sslcert.cnf SSLCertificateFile /etc/apache2/ssl.crt/server.crt #SSLCertificateFile /etc/apache2/ssl.crt/server-dsa.crt SSLCertificateKeyFile /etc/apache2/ssl.key/server.key #SSLCertificateKeyFile /etc/apache2/ssl.key/server-dsa.key SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt root@avamar2-gcc:/etc/apache2/ssl.crt/#:
After:
root@avamar:~/#: cat /etc/apache2/vhosts.d/sslcert.cnf
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
#SSLCertificateFile /etc/apache2/ssl.crt/server-dsa.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
#SSLCertificateKeyFile /etc/apache2/ssl.key/server-dsa.key
#SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
root@avamar4-gcc:~/#:
5) Start apache2 service
service apache2 start
Affected Products
Avamar, Integrated Data Protection Appliance SoftwareArticle Properties
Article Number: 000228111
Article Type: Solution
Last Modified: 21 Nov 2024
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.