我有一个专用的根服务器运行Debian和管理面板我使用directadmin。从今天下午开始,我遇到以下问题:我的网站不再可访问,因为服务httpd已停止且无法启动。当我尝试启动服务时,它始终跟随错误消息:httpd (no pid file) not running。
我发现它与我以前为多个域安装SSL证书这一事实有关。
我已经尝试安装工具strace以找出导致问题的SSL证书(域)。遗憾的是,无法使用以下命令启动strace工具:strace -f apache2ctl start
错误消息始终为:command not found
如果我尝试通过directadmin启动httpd服务,则出现以下错误消息:/etc/init.d/httpd start> / dev / null 2> & 1
我还查看了服务httpd的errorlogs error_log,发现了以下错误代码:
[Wed Sep 20 17:44:07.757294 2017] [core:notice] [pid 14483] AH00094: Command
line: '/usr/sbin/httpd -D SSL'
[Wed Sep 20 17:45:01.465358 2017] [core:error] [pid 14483] (2)No such file
or directory: AH00095: failed to remove PID file /var/run/httpd.pid
[Wed Sep 20 17:45:01.465471 2017] [mpm_prefork:notice] [pid 14483] AH00169:
caught SIGTERM, shutting down
[Wed Sep 20 17:45:05.763192 2017] [ssl:warn] [pid 16564] AH01909:
localhost:443:0 server certificate does NOT include an ID which matches the
server name
[Wed Sep 20 17:45:05.764719 2017] [ssl:warn] [pid 16564] AH01909:
www.example.com:443:0 server certificate does NOT include an ID which matches
the server name
[Wed Sep 20 17:45:05.765357 2017] [suexec:notice] [pid 16564] AH01232: suEXEC
mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Sep 20 17:45:06.609175 2017] [auth_digest:notice] [pid 16679] AH01757:
generating secret for digest authentication ...
[Wed Sep 20 17:45:07.723436 2017] [ssl:warn] [pid 16679] AH01909:
localhost:443:0 server certificate does NOT include an ID which matches the
server name
[Wed Sep 20 17:45:07.724945 2017] [ssl:warn] [pid 16679] AH01909:
www.example.com:443:0 server certificate does NOT include an ID which matches
the server name
[Wed Sep 20 17:45:07.725568 2017] [lbmethod_heartbeat:notice] [pid 16679]
AH02282: No slotmem from mod_heartmonitor
[Wed Sep 20 17:45:07.726220 2017] [:notice] [pid 16679] mod_ruid2/0.9.8
enabled
[Wed Sep 20 17:45:07.756478 2017] [mpm_prefork:notice] [pid 16679] AH00163:
Apache/2.4.18 (Unix) OpenSSL/1.0.1t PHP/5.5.31 configured -- resuming normal
operations
[Wed Sep 20 17:45:07.756599 2017] [core:notice] [pid 16679] AH00094: Command
line: '/usr/sbin/httpd -D SSL'
[Wed Sep 20 17:46:01.520770 2017] [core:error] [pid 16679] (2)No such file or
directory: AH00095: failed to remove PID file /var/run/httpd.pid
[Wed Sep 20 17:46:01.521067 2017] [mpm_prefork:notice] [pid 16679] AH00169:
caught SIGTERM, shutting down
AH00016: Configuration Failed
AH00016: Configuration Failed
AH00016: Configuration Failed
这是我的主要Apache HTTP服务器配置文件。
#
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
ServerRoot "/etc/httpd"
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User apache
Group apache
</IfModule>
#LoadModule dummy_module /usr/lib/apache/mod_dummy.so
Include /etc/httpd/conf/extra/httpd-phpmodules.conf
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin@your-domain.com
#
ServerAdmin admin@localhost
DocumentRoot "/var/www/html"
<IfModule dir_module>
DirectoryIndex index.html index.htm index.shtml index.php index.php5 index.php4 index.php3 index.phtml index.cgi index.pl
</IfModule>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*">
Require all denied
</Files>
#
# The following lines prevent .user.ini files from being viewed by Web clients.
#
<Files ".user.ini">
Require all denied
</Files>
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /var/log/httpd/error_log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
<IfModule log_config_module>
#replace %b with %O for more accurate logging
<IfModule mod_logio.c>
LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %O" common
LogFormat "%O %I" bytes
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog /var/log/httpd/access_log common
</IfModule>
<IfModule alias_module>
# Include some DirectAdmin alias
Include conf/extra/httpd-alias.conf
</IfModule>
#DefaultType text/plain
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-gzip .tgz
AddEncoding x-compress .Z
AddEncoding x-gzip .gz .tgz
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddType video/x-ms-asf .avi
AddType video/mpeg .mpg
AddType video/mpeg .mpeg
AddType video/quicktime .mov
AddType video/x-ms-wmv .wmv
</IfModule>
#
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
#
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#
#EnableMMAP off
#EnableSendfile off
#######################################################################################
# For user configurations not maintained by DirectAdmin. Empty by default.
#######################################################################################
Include conf/extra/httpd-includes.conf
#######################################################################################
# Supplemental configuration
#######################################################################################
# Options and AllowOverrides
Include conf/extra/httpd-directories.conf
# Nginx reverse proxy configuration
Include conf/extra/httpd-nginx.conf
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
#Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
Include conf/extra/httpd-info.conf
# Suphp
Include conf/extra/httpd-suphp.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
# Deflate module settings
Include conf/extra/httpd-deflate.conf
#######################################################################################
# Do not change anything in files below, because they are rewritten by DirectAdmin #
#######################################################################################
# This is needed for PHP
Include conf/extra/httpd-php-handlers.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# All the DirectAdmin vhosts
Include conf/extra/directadmin-vhosts.conf
#######################################################################################
# End of included files that are rewritten by DirectAdmin #
#######################################################################################
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
我希望有人可以帮助解决这个奇怪的问题。我会很开心的。
答案 0 :(得分:4)
日志中的消息:
服务器证书不包含匹配的ID 服务器名称
表示问题。检查证书:
openssl x509 -in certificate.crt -text -noout
然后在您的apache配置文件中使用ServerName指令定义相同的服务器名称。
答案 1 :(得分:0)
就我而言,这是由于SSL证书所致。该证书为二进制格式,并将其转换为base64可解决该错误。
答案 2 :(得分:0)
就我而言,它是 SSL 证书共享。
我已从通配符证书切换到每个子域的 Letencrypt 证书,但由于证书共享而中断...
一旦我为每个子域修复了每个 SSL,它就开始正常工作。
问题是含糊不清的错误消息,没有详细说明它到底失败在哪里。