From owner-freebsd-ports@FreeBSD.ORG Wed Aug 26 09:05:43 2009 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from straylight.ringlet.net (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by hub.freebsd.org (Postfix) with SMTP id CC07A106568B for ; Wed, 26 Aug 2009 09:05:42 +0000 (UTC) (envelope-from roam@ringlet.net) Received: (qmail 2994 invoked by uid 1000); 26 Aug 2009 09:05:18 -0000 Date: Wed, 26 Aug 2009 12:05:18 +0300 From: Peter Pentchev To: Frederique Rijsdijk Message-ID: <20090826090517.GA982@straylight.m.ringlet.net> References: <4A94F976.5040203@isafeelin.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="BXVAT5kNtrzKuDFl" Content-Disposition: inline In-Reply-To: <4A94F976.5040203@isafeelin.org> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: FreeBSD-Ports Subject: Re: Apache SSL broken after upgrade to 2.2.13? X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Aug 2009 09:05:43 -0000 --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 26, 2009 at 10:59:34AM +0200, Frederique Rijsdijk wrote: > Following todays portaudit advisory, I upgraded Apache on several > machines. On a machine that's running SSL, things broke after the > ugprade with the following error: >=20 > [Wed Aug 26 10:23:39 2009] [error] Server should be SSL-aware but has no > certificate configured [Hint: SSLCertificateFile] >=20 > The previous version was 2.2.11_5. Everything worked fine. The hint that > apache gives is obviously configured in httpd.conf.. >=20 > Rolled back to version 2.2.11_5, all is working again. >=20 > Did I miss something? This was reported in Debian, too; it seems to be an upstream change in Apache. I don't know what they intend to do about it, but it does indeed "break" the setups of a lot of people who only put the SSL certificate, key, and stuff in the virtual hosts that actually require it. As a workaround, just put the SSL cert and key directives somewhere on a global level, outside a vhost, and Apache will start. Stupid, I know, but that's how it is for the present :/ G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@space.bg roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 Nostalgia ain't what it used to be. --BXVAT5kNtrzKuDFl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iEYEARECAAYFAkqU+s0ACgkQ7Ri2jRYZRVO7wACffGR5/H1A3U2S2EL7jUfwC9L5 bo8AnRQJsQNy/Yz9n1TrZ8wL6n9KUBJV =bge9 -----END PGP SIGNATURE----- --BXVAT5kNtrzKuDFl--