Apache fails to start: SSLCertificateFile: file does not exist or is empty

Created:

2017-03-24 13:45:45 UTC

Modified:

2017-08-18 12:49:04 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Apache fails to start: SSLCertificateFile: file does not exist or is empty

Applicable to:

  • Plesk for Linux

Symptoms

Apache fails to start with the following error:

# service apache2 start
* Starting web server apache2 *
* The apache2 configtest failed.
Output of config test was:
AH00526: Syntax error on line 51 of /etc/apache2/plesk.conf.d/vhosts/example.com.conf:
SSLCertificateFile: file '/usr/local/opt/psa/var/certificates/cert-kkovTi' does not exist or is empty
Action 'configtest' failed.

Certificate from the error is missing or has 0 size:

# ll /opt/psa/var/certificates/cert-kkovTi
-rw-r--r-- 1 root root 0 Mar 24 12:26 /opt/psa/var/certificates/cert-kkovTi

Apache reconfiguration command fails as following:

     # /usr/local/psa/admin/bin/httpdmng --reconfigure-domain example.com
ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/apache-config' '-t'] with exit code [1]
ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/apache-config' '-t'] with exit code [1]
Curl failed: Timeout was reached
ERR [panel] Apache config (14972022740.47990300) generation failed: Template_Exception: Syntax error on line 51 of /etc/httpd/conf/plesk.conf.d/ip_default/example.conf:
SSLCACertificateFile: file '/usr/local/psa/var/certificates/cert-kkovTi' does not exist or is empty

file: /usr/local/psa/admin/plib/Template/Writer/Webserver/Abstract.php
line: 75
code: 0
Curl failed: Timeout was reached
Syntax error on line 51 of /etc/httpd/conf/plesk.conf.d/ip_default/example.conf:
SSLCACertificateFile: file '/usr/local/psa/var/certificates/cert-kkovTi' does not exist or is empty

Cause

Missing or corrupted certificate file.

Resolution

Connect to the server using SSH/RDP.

There are 2 ways to solve this:

A. Manual fixing:

1. Check any random SSL certificate file that exists:

# ls -l /usr/local/psa/var/certificates/
-rw-r--r-- 1 root root 5157 Aug 8 17:14 cert-7i33hL
-rw-r--r-- 1 root root 5157 Aug 8 17:25 cert-5pm2hf

2. Copy one of certificates that exist into the corrupted one:

# cp /usr/local/opt/psa/var/certificates/cert-5pm2hf /usr/local/opt/psa/var/certificates/cert-kkovTi

3. Start Apache (if it is not running):

# service httpd start

4. Reconfigure Apache configuration for the particular domain or for all domains on a server:

# /usr/local/psa/admin/bin/httpdmng --reconfigure-domain example.com
# /usr/local/psa/admin/bin/httpdmng --reconfigure-all

B. With Plesk repair utility:

# plesk repair web -y

Have more questions? Submit a request
Please sign in to leave a comment.