尝试更新我的 SSL 证书后,我的网站目前出现问题。
我已完成本教程中提到的所有步骤:https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority
在最后我必须进入队伍的时候sudo 服务 apache2 重启我收到此错误信息:
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
systemctl 状态 apache2.service
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: failed (Result: exit-code) since Mon 2020-05-18 00:18:34 UTC; 6s ago
Process: 4867 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
Process: 7254 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
Main PID: 1045 (code=exited, status=0/SUCCESS)
May 18 00:18:34 systemd[1]: Starting The Apache HTTP Server...
May 18 00:18:34 apachectl[7254]: Action 'start' failed.
May 18 00:18:34 apachectl[7254]: The Apache error log may have more information.
May 18 00:18:34 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 00:18:34 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 00:18:34 systemd[1]: Failed to start The Apache HTTP Server.
apache2ctl configtest
Syntax OK
apachectl configtest
Syntax OK
我尝试过配置测试命令来查看我是否有任何 synthx 错误,但一切似乎都正常。
journalctl-xe
May 18 15:33:52 sshd[31542]: Failed password for i
May 18 15:33:53 sudo[31549]: root : TTY=pts/0
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session
May 18 15:33:53 systemd[1]: Starting The Apache HT
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' f
May 18 15:33:53 apachectl[31555]: The Apache error
May 18 15:33:53 systemd[1]: apache2.service: Contr
May 18 15:33:53 systemd[1]: apache2.service: Faile
May 18 15:33:53 systemd[1]: Failed to start The Ap
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= M
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.18
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; C
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more informat
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exi
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service ap
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.1
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 T
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP SPT=21789 DPT=3377 WINDOW=1024 R
~
~
~
~
~
~
~
~
~
~
~
~
lines 1128-1150/1150 (END)
May 18 15:33:52 sshd[31542]: Failed password for invalid user bdt from 206.189.212.33 port 38420 ssh2
May 18 15:33:53 sudo[31549]: root : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/usr/sbin/service apache2 restart
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session opened for user root by root(uid=0)
May 18 15:33:53 systemd[1]: Starting The Apache HTTP Server...
-- Subject: Unit apache2.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has begun starting up.
May 18 15:33:53 apachectl[31555]: Action 'start' failed.
May 18 15:33:53 apachectl[31555]: The Apache error log may have more information.
May 18 15:33:53 systemd[1]: apache2.service: Control process exited, code=exited status=1
May 18 15:33:53 systemd[1]: apache2.service: Failed with result 'exit-code'.
May 18 15:33:53 systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit apache2.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apache2.service has failed.
--
-- The result is RESULT.
May 18 15:33:53 sudo[31549]: pam_unix(sudo:session): session closed for user root
May 18 15:33:55 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=fa:52:65:0e:6a:71:fe:00:00:00:01:01:08:00 SRC=185.151.242.187 DST=167.99.179.159 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=15380 PROTO=TCP SPT=21789 DPT=3377 WINDOW=1024 RES=0x00 SYN URGP=0
当我尝试访问该文件夹时在/usr/sbin/apachectl中通过sFTP,我们可以看到这个错误信息:
目录 /usr/sbin/apache2ctl:没有此文件或目录
在文件中/var/log/apache2/error.log, 我有 :
[Mon May 18 15:33:53.451709 2020] [ssl:error] [pid 31566] AH02579: Init: Private key not found
[Mon May 18 15:33:53.451789 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451800 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D08303A:asn1 encoding routines:asn1_template_noexp_d2i:nested asn1 error
[Mon May 18 15:33:53.451807 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451815 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=RSAPrivateKey)
[Mon May 18 15:33:53.451823 2020] [ssl:error] [pid 31566] SSL Library Error: error:04093004:rsa routines:old_rsa_priv_decode:RSA lib
[Mon May 18 15:33:53.451830 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
[Mon May 18 15:33:53.451837 2020] [ssl:error] [pid 31566] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Mon May 18 15:33:53.451842 2020] [ssl:emerg] [pid 31566] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Mon May 18 15:33:53.451846 2020] [ssl:emerg] [pid 31566] AH02564: Failed to configure encrypted (?) private key mydomain.com:443:0, check /root/certificate/mydomain.com.key
AH00016: Configuration Failed
任何帮助都将不胜感激。如果您需要检查其他内容,请告诉我您需要什么以及我如何获取信息。谢谢!
答案1
在...的帮助下米歇尔我找到了问题的原因和解决方案。
作为米歇尔指出,我必须检查错误日志文件来查找问题的原因。
你好,请检查错误日志/var/log/apache/error.log,这将包含您需要解决的错误。 -米歇尔
因此,我将此文件下载到我的计算机上,并在文本编辑器中打开它以阅读内容。正如我们在日志文件中看到的那样(请参阅问题以供参考),其中两行非常重要:
[Mon May 18 15:33:53.451709 2020] [ssl:error] [pid 31566] AH02579: Init: Private key not found
这表明找不到该密钥(不存在)。
[Mon May 18 15:33:53.451846 2020] [ssl:emerg] [pid 31566] AH02564: Failed to configure encrypted (?) private key mydomain.com:443:0, check /root/certificate/mydomain.com.key
这表明钥匙应该在哪里(就我而言)。
所以我检查了/根/证书/文件夹来查找我的域名.com.key文件丢失,但它如预期的那样存在。
下一步是下载我的域名.com.key文件复制到我的电脑并在文本编辑器中打开它以检查内容。
就在那时我很快就明白了问题的所在:我没有正确的钥匙甚至正确的文件。
我不知道这是否是我在安装 SSL 证书的某个阶段的操作失误,但我的 .key 文件不是密钥。我知道这一点,因为文件中没有以下标签:
-----BEGIN PRIVATE KEY-----
{content}
-----END PRIVATE KEY-----
如果你有和我类似的问题,确保你有一个 .key 文件您的 000-default.conf 或 mydomain.com.conf 文件指向并确保它是已安装证书的正确密钥(例如,而不是来自先前证书的密钥)。
非常感谢米歇尔谢谢你的帮助!你让我很开心!
答案2
journalctl -xe
在这种情况下也很有用。您必须使用up arrow
键盘才能看到问题。就我而言,这是Apache 配置SSLProxyEngine
中的类似配置问题。sites-enabled