After that I got a weird behavior of my server. After visiting the page the browser showed an error.
Code: Select all
NET::ERR_CERT_AUTHORITY_INVALID
Code: Select all
[Sun Apr 09 13:59:42.406620 2017] [:notice] [pid 530] ModSecurity: LIBXML compiled version="2.9.1"
[Sun Apr 09 13:59:42.406622 2017] [:notice] [pid 530] ModSecurity: Original server signature: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
[Sun Apr 09 13:59:42.560198 2017] [:notice] [pid 530] ModSecurity: StatusEngine call: "2.9.1,Apache/2.4.6 (CentOS) Ope,1.4.8/1.4.8,8.32/8.32 2012-11-30,(null),2.9.1,f19771bcabc98dd4ab4aa9fe8b3f6071751edd63"
[Sun Apr 09 13:59:42.560353 2017] [:notice] [pid 530] ModSecurity: StatusEngine call failed. Query: GIXDSLRRFRAXAYLDNBSS6MROGQXDMIBI.INSW45CPKMUSAT3QMUWDCLRUFY4C6MJO.GQXDQLBYFYZTELZYFYZTEIBSGAYTELJR.GEWTGMBMFBXHK3DMFEWDELRZFYYSYZRR.HE3TOMLCMNQWEYZZHBSGINDBMI2GCYJZ.MZSTQYRTMY3DANZRG42TCZLEMQ3DG.1491760782.status.modsecurity.org
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using mydomain.net. Set the 'ServerName' directive globally to suppress this message
[Sun Apr 09 13:59:42.622816 2017] [auth_digest:notice] [pid 530] AH01757: generating secret for digest authentication ...
[Sun Apr 09 13:59:42.623338 2017] [lbmethod_heartbeat:notice] [pid 530] AH02282: No slotmem from mod_heartmonitor
[Sun Apr 09 13:59:42.624438 2017] [ssl:warn] [pid 530] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Apr 09 13:59:43.010601 2017] [mpm_prefork:notice] [pid 530] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips Apache. configured -- resuming normal operations
[Sun Apr 09 13:59:43.010660 2017] [core:notice] [pid 530] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
Code: Select all
ModSecurity: StatusEngine call failed. Query:
Code: Select all
systemctl restart httpd
And I get the following output.
Code: Select all
[Mon Apr 10 01:46:02.899628 2017] [:notice] [pid 2321] ModSecurity: PCRE compiled version="8.32 "; loaded version="8.32 2012-11-30"
[Mon Apr 10 01:46:02.899630 2017] [:notice] [pid 2321] ModSecurity: LIBXML compiled version="2.9.1"
[Mon Apr 10 01:46:02.899632 2017] [:notice] [pid 2321] ModSecurity: Original server signature: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
[Mon Apr 10 01:46:02.899670 2017] [:notice] [pid 2321] ModSecurity: StatusEngine call: "2.9.1,Apache/2.4.6 (CentOS) Ope,1.4.8/1.4.8,8.32/8.32 2012-11-30,(null),2.9.1,835dd68adb0345e3003e5c180c0ce09f4f4edb2b"
[Mon Apr 10 01:46:03.864127 2017] [:notice] [pid 2321] ModSecurity: StatusEngine call successfully sent. For more information visit: http://status.modsecurity.org/
[Mon Apr 10 01:46:03.919161 2017] [auth_digest:notice] [pid 2321] AH01757: generating secret for digest authentication ...
I issued my certificate using certbot --apache -d mydomain.net
More information about the behavior
When I try to change /etc/hosts/ file for example
Code: Select all
x.x.x.x mydomain.com
But there are more error messages are logged.
Code: Select all
Mon Apr 10 01:45:43.010329 2017] [ssl:error] [pid 2288] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Mon Apr 10 01:45:43.010340 2017] [ssl:error] [pid 2288] AH02235: Unable to configure server certificate for stapling
[Mon Apr 10 01:45:43.184655 2017] [ssl:error] [pid 2288] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
And as mentioned the server returns the invalid self signed certificate.
Furthermore instead of opening the virtual host page it opens the default page "Test 123".
Could you please suggest, what can be wrong and what can I try in order to solve the problem ?