Package: apache2
Version: 2.2.22-13+deb7u4
Severity: important
After upgrading from 2.2.22-13+deb7u3 to 2.2.22-13+deb7u4, Apache refused to
start on my server with this error message in /var/log/apache2/error.log:
[error] Server should be SSL-aware but has no certificate configured [Hint:
SSLCertificateFile] ((null):0)
While my configuration and TLS cert didn't change, it seems like Apache got
more strict somehow.
There are two config changes I found that fix this:
1. change "Listen 443" to "Listen 443 http" in /etc/apache2/ports.conf
2. ensure that every :443 vhost includes the entire TLS config including the
directives that point to the certificate files
I'm not sure why #1 works so I went with the second option when I found that
one of my vhosts didn't include the full TLS config:
<VirtualHost *:443>
ServerName libravatar.org
ServerAdmin webmas...@libravatar.org
Header always add Strict-Transport-Security: "max-age=15768000"
Redirect permanent / https://www.libravatar.org/
</VirtualHost>
Francois
--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20150111193338.ga4...@akranes.dyndns.org
