My apache server has stopped running after ssl update on a live site

I have a standard amazon ami(The one created by amazon), which has apache installed on it. We needed to update the ssl certificate which i did by going through these steps

I have done this before so i think i didn't do anything wrong. The steps basically included: 1) openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
2) Updating the /etc/httpd/conf.d/ssl.conf file. 3) Restarting the service httpd

But after restarting httpd i.e sudo service httpd restart. The service stopped fine, but did not start again. Here is the error i am recieving.

[ec2-user@******* conf.d]$ service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: [Tue Dec 06 20:38:28 2016] [warn] module ssl_module is already loaded, skipping
[Tue Dec 06 20:38:28 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
(13)Permission denied: make_sock: could not bind to address [::]:80
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

This is really important, so will really appreciate if someone could me out here. Thanks

Update: Ok so i managed to remove the mod_ssl already loaded message. can some one figure this one out?

[ec2-user@****** ~]$ sudo service httpd start
Starting httpd: [Tue Dec 06 21:33:52 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
(98)Address already in use: make_sock: could not bind to address [::]:443
                                                           [FAILED]

It looks like you are running the restart command as an unprivileged user, as can be seen because the httpd stop fails. You should run the restart command with a suitably privileged account.


Update:

Starting httpd: [Tue Dec 06 21:33:52 2016] [warn] default VirtualHost overlap on port 443, the first has precedence (98)Address already in use: make_sock: could not bind to address [::]:443

Something is still bound to/listening on port 443. It looks like you have failed to stop the previous invocation of httpd.


I figured out the issue. If anybody came across this issue, because of ssl certificate here are the things you need to check.

  1. First make sure there are not more than 1 configuration file for httpd. (In my case I made a backup file of etc/httpd/conf/ssl.conf and called it ssl_bkup.conf. I thought this wont be used as a configuration but it did. I should have used ssl.conf_backup). You can check if there are more than 1 configuration files being used by this command.

    grep -ir 443 /etc/httpd/conf*

  2. Then check your logs by

    sudo nano var/log/httpd/error_log

    sudo nano var/log/httpd/ssl_log

    sudo nano var/log/httpd/nss_log (nss is similar to ssl)

  3. The main issue in my case happened when I was copying the csr files from my computer to the server. The files given by the ssl authority had to be moved to my server, so instead of ftp I was creating new file and copying the content of the csr file into new file created on the server. While doing this I messed up the format in which the files were supposed to be copied.

Because my ftp access was very limited so in order to properly get them on the server I uploaded the files to an online host host and then downloaded to my server via wget.