Description of problem: I have a FreeIPA installation with Apache. I updated to mod_nss-1.0.16-5.1.fc28 and this put in (or modified?) /etc/httpd/conf.d/nss.conf in such a way that it broke httpd: [Sat May 12 23:06:52.221471 2018] [:error] [pid 2758:tid 139639639427328] Password for slot internal is incorrect. [Sat May 12 23:06:52.226623 2018] [:error] [pid 2758:tid 139639639427328] NSS initialization failed. Certificate database: /etc/httpd/alias. [Sat May 12 23:06:52.226681 2018] [:error] [pid 2758:tid 139639639427328] SSL Library Error: -8177 The security password entered is incorrect I removed nss.conf and it was happy and FreeIPA came back up. Version-Release number of selected component (if applicable): mod_nss-1.0.16-5.1.fc28
IPA is now using mod_ssl to provide TLS in Apache. If you aren't using mod_nss then you are best off removing the package. And note that simply removing the file is not sufficient as rpm will re-add it the next time mod_nss is updated.