[BlueOnyx:13226] Re: Server certificate is expired: 'Server-Cert'
Michael Stauber
mstauber at blueonyx.it
Mon Jun 17 13:36:06 -05 2013
Hi Colin,
> Can anybody point me in the right direction please.
>
> One of my servers had Apache die and wouldn't restart.
> After a bit of digging I found that the error log showed:
>
> [Thu Jun 13 18:41:19 2013] [error] Server certificate is expired: 'Server-Cert'
In /etc/httpd/conf.d/nss.conf add the following line:
NSSEnforceValidCerts off
Then restart Apache and you're good again.
When SSL is enabled, a self signed certificate is generated for Apache.
This cert eventually expires, although it's not really used for
anything, as the SSL sites have their own SSL certificates.
Still, Apache will complain if a cert is expired and then refuses to
start. The above option in nss.conf will allow Apache to start even
though a cert is expired.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list