Bug 144274
Summary: | Apache:mod_ssl:Error: Private key not found | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Bob <bobpilly> |
Component: | httpd | Assignee: | Joe Orton <jorton> |
Status: | CLOSED CANTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3 | CC: | bill, dagrichards |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-01-13 19:54:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Bob
2005-01-05 15:11:54 UTC
audit(1104934858.356:0): avc: denied { read } for pid=3695 exe=/usr/sbin/httpd name=ssl.conf dev=dm-0 ino=32789 scontext=root:system_r:httpd_t tcontext=root:object_r:user_home_t tclass=file implies simply that /etc/httpd/conf.d/ssl.conf is not labelled correctly. Can you try: restorecon /etc/httpd/conf.d/ssl.conf I get no output to the term when i run that command is that correct? I have tried running service start httpd after running restorecon /etc/httpd/conf.d/ssl.conf and the same thing as before happens with the same errors No output is expected. What does: # ls -lZ /etc/httpd/conf.d/ssl.conf give? It gives back -rw-r--r-- root root system_u:object_r:httpd_config_t /etc/httpd/conf.d/ssl.conf I am having the same issue. As a work around turning selinux enforcement off (setenforce 0 ) allows me to start httpd and enter the passphrase. No audit messages appear in /var/log/messages to indicate what selinux is complaining about, when enforcement is on. For what it's worth, I'm getting the same exact error with rhel4. Thanks Bill, please file a new bug against RHEL4 if you are seeing issues there. I still don't have a specific repro case here. You need to check that the SSL certificate and private key are labelled correctly, e.g. use: # restorecon -R /etc/httpd/conf if the certs are all in /etc/httpd/conf.d/ssl.*. If that's not the case then please use "setenforce 0" and report the avc denials which are logged (via dmesg or /var/log/messages) when starting httpd. (This is a mass update to bugs which have been in NEEDINFO unmodified for over a year and are for a currently unsupported version of Fedora Core.) Closing per lack of response to previous request for information. This bug was originally filed against a much earlier version of Fedora Core, and significant changes have taken place since the last version for which this bug is confirmed. Note that FC3 and FC4 are supported by Fedora Legacy for security fixes only. Please install a still supported version and retest. If it still occurs on FC5 or FC6, please reopen and assign to the correct version. Otherwise, if this a security issue, please change the product to Fedora Legacy. Thanks, and we are sorry that we did not get to this bug earlier. |