We have an isolated (no internet connection) RHEL7 system with existing httpd service running. Now we want to add ssl_mod to the apache server.
Most ssl setup posts started with 'yum install mod_ssl', so one we we can go is to download mod_ssl and all dependencies and run local install on the server.
However, there is mod_ssl.so module file (and bunch of other modules) on the system, and there are several 'LoadModule' entries in httpd.conf file. So we are thinking to add a LoadModule call to mod_ssl.so in httpd.conf file. But this breaks the existing httpd service, a little bit details here (sorry for the typing) -
1) systemctl reload httpd: First time got "Job for httpd.service failed because the control process exited with error code. See ....... and .... for details", and repeating it got "Job for httpd.service invalid"
2) systemctl status httpd: obviously it's "Active: failed (exit-code)". The lines are typed below (ignoring cases):
...
Starting the apache HTTP server ..
Started the apache HTTP server...
httpd.service: main process exited, code=exited, status=1/FAILURE
kill: cannot find process ""
httpd.service: control process exited, code=exited status=1
Reload failed for the apache HTTP server
Unit httpd.service entered failed state.
httpd.service failed
Unit httpd.service cannot be reloaded because it is inactive.
...
3) Journalctl -xe: output is pretty much the same as above, except there are two lines on top of that -
... polkitd[1329]: Registered Authentication Agent for unix-process: 12345:6789012 (system bus name :1.352 [/usr/bin/pkttyagent -notify-fd 6 --fallback], object path /org/freedesktop/Policykit1/AuthenticatioAget, locale en_US.UTF-8)
... polkitd[1329]: Operator of unix-session: 12 successfully authenticated as unix-user:user-name to gain TEMPORARY authorization for action org.freedesktop.systemd1.manage-units for system-bus-name::1.353 [systemctl reload httpd] (owned by unix-user:user-name)
...
While trying to enable ssl_mod, I also found that there is no ssl.conf file on the system, not sure if that's generated by yum install, or it should be copied or installed by other process.
Once I commented the (LoadModule) line in httpd.conf, reload/restart of httpd works and runs fine.
Questions: Is ssl.conf file required to enable ssl_mod? Can I download/copy a ssl.conf file and modify from it?
Any suggestions are highly appreciated!
Most ssl setup posts started with 'yum install mod_ssl', so one we we can go is to download mod_ssl and all dependencies and run local install on the server.
However, there is mod_ssl.so module file (and bunch of other modules) on the system, and there are several 'LoadModule' entries in httpd.conf file. So we are thinking to add a LoadModule call to mod_ssl.so in httpd.conf file. But this breaks the existing httpd service, a little bit details here (sorry for the typing) -
1) systemctl reload httpd: First time got "Job for httpd.service failed because the control process exited with error code. See ....... and .... for details", and repeating it got "Job for httpd.service invalid"
2) systemctl status httpd: obviously it's "Active: failed (exit-code)". The lines are typed below (ignoring cases):
...
Starting the apache HTTP server ..
Started the apache HTTP server...
httpd.service: main process exited, code=exited, status=1/FAILURE
kill: cannot find process ""
httpd.service: control process exited, code=exited status=1
Reload failed for the apache HTTP server
Unit httpd.service entered failed state.
httpd.service failed
Unit httpd.service cannot be reloaded because it is inactive.
...
3) Journalctl -xe: output is pretty much the same as above, except there are two lines on top of that -
... polkitd[1329]: Registered Authentication Agent for unix-process: 12345:6789012 (system bus name :1.352 [/usr/bin/pkttyagent -notify-fd 6 --fallback], object path /org/freedesktop/Policykit1/AuthenticatioAget, locale en_US.UTF-8)
... polkitd[1329]: Operator of unix-session: 12 successfully authenticated as unix-user:user-name to gain TEMPORARY authorization for action org.freedesktop.systemd1.manage-units for system-bus-name::1.353 [systemctl reload httpd] (owned by unix-user:user-name)
...
While trying to enable ssl_mod, I also found that there is no ssl.conf file on the system, not sure if that's generated by yum install, or it should be copied or installed by other process.
Once I commented the (LoadModule) line in httpd.conf, reload/restart of httpd works and runs fine.
Questions: Is ssl.conf file required to enable ssl_mod? Can I download/copy a ssl.conf file and modify from it?
Any suggestions are highly appreciated!