Oops, no RSA or DSA server certificate found for 'server.host.name:0'?

apache-2.2 ssl

I'm setting up a new web server that hosts a dozen virtual hosts on Ubuntu 12.4 using Apache 2.2.22 with one config file per site. I created all the configuration files all at once and ran a2ensite * to enable them all at once. When I reloaded the configuration it failed and after restarting apache I found the following error message in my error.log:

Oops, no RSA or DSA server certificate found for 'server.host.name:0'?!

Most of the results for this error message are years old that don't fix the problem or are bugs that have been fixed https://issues.apache.org/bugzilla/show_bug.cgi?id=31709


Solution 1:

From: http://www.clearchain.com/blog/posts/solving-the-apache-ssl-error-oops-no-rsa-or-dsa-server-certificate-found-for-www-somedomain-com0

Summary: This error may also occur if you forget the following line in your VirtualHost section:

SSLEngine on

Solution 2:

The problem ended up being in a different configuration file than the host that was listed in the error. It was due to the fact that there were duplicate ServerName values in two of the files. I fixed the wrong one and it started back up (bye bye that half an hour) :-) .

To troubleshoot this I disabled all the sites and then enabled a couple at a time until I ran into the problem again.

Solution 3:

You may also receive this error if you are using a cert with multiple subject alternate names, but the ServerName directive does not match the CN or SAN value(s) of the certificate. IT is often the case where a developer wants a development version of the same production site, but there is no real certificate for the development site.

Example websites:
webserver.example.com
webserver-dev.example.com

Certificate:
CN = primaryserver.example.com
SANs = webserver.example.com, puppies.example.com, kittens.example.com

The following configuration will cause this error:
/etc/apache2/sites-enabled/webserver.example.com-ssl.conf
<IfModule mod_ssl.c> <VirtualHost *:443> ServerName webserver.example.com ...
/etc/apache2/sites-enabled/webserver-dev.example.com-ssl.conf
<IfModule mod_ssl.c> <VirtualHost *:443> ServerName webserver-dev.example.com ...

The following configuration resolves this issue:
/etc/apache2/sites-enabled/webserver.example.com-ssl.conf
<IfModule mod_ssl.c> <VirtualHost *:443> ServerName webserver.example.com ...
/etc/apache2/sites-enabled/webserver.example.com-ssl.conf
<IfModule mod_ssl.c> <VirtualHost webserver-dev.example.com:443> ServerName webserver.example.com ...

Related

sshd log full of "Did not receive identification string from "
Which filesystem for large LVM of disks (8 TB)?
Delete file containing invalid characters in windows
Memcached memory usage
`Permission Denied` to CD into a directory even though permissions are correct
Is it bad practice to declare MX from differing networks?
Which anti spam DNS blacklists should used?
Who picked 127.0.0.1 to be localhost and why? What meaning does it have?
Find interface for route to specific host
Recursively copying hidden files - Linux
Why don't we study algebraic objects with more than two operations?
Integral $\int_0^\infty\frac{1}{x\,\sqrt{2}+\sqrt{2\,x^2+1}}\cdot\frac{\log x}{\sqrt{x^2+1}}\mathrm dx$