[BlueOnyx:20502] Cure: Server certificate is expired: 'Server-Cert'
Tigerwolf
tigerwolf at tigerden.com
Wed Jan 11 11:50:17 -05 2017
I began to see a ton of these in the httpd error log on several boxes:
[Sun Jan 08 04:43:20 2017] [error] Server certificate is expired:
'Server-Cert'
It's not to clear what cert it's griping about, but the errors persisted
even after checking/updating the GUI-managed certs. Even fresly mented
self signed ones didn't stop the errors.
After some digging, I found a fix:
According to
<http://serverfault.com/questions/578069/ssl-library-error-8181-certificate-has-expired>
the problem is related to mod_nss. Its cert generated on initial install
is too old. The cert and related files live in /etc/httpd/alias/.
The cure per the article is to re-install mod_nss to generate a new cert
and related files:
rpm -e mod_nss -Remove current mod_nss package
rm /etc/httpd/alias/* -Clean out old cert directory
yum install mod_nss -Do fresh install of mod_nss package
service httpd restart -Kick httpd sever to read new certs
That seems to have worked.
I hope this can save the time for others to track this down.
It would be good, if possible, for the error message to specify *which*
cert it's complaining about.
--
=^_^= Tigerwolf
More information about the Blueonyx
mailing list