Permission denied: Init: Can't open server private key file

vinmansbrew · 10-08-2018, 10:11 AM

Running rhel 6.10
Just ran updates and since then, selinux 1 time stopped httpd from starting, even though the booleans look correct. Set selinux to permissive and httpd started, then setenforce back to 1 and it would good. About a week later, httpd died with error: httpd dead but pid file exists.

httpd/error_log showed me this: Permission denied: Init: Can't open server private key file

Seems to me that selinux may be the issue and that restorecon -RvF /etc/ssl/certs/
may be the answer. However, if someone has other thoughts, let me know.

Otherwise, I'd like to know what I would be walking into with using this command.

Thanks!

bathory · 10-09-2018, 12:39 AM

Quote:

httpd/error_log showed me this: Permission denied: Init: Can't open server private key file

Seems to me that selinux may be the issue and that restorecon -RvF /etc/ssl/certs/
may be the answer. However, if someone has other thoughts, let me know.

Otherwise, I'd like to know what I would be walking into with using this command.

Running restorecon is the correct way to fix certs files permissions/context, so they can be used by httpd.

Regards

vinmansbrew · 10-09-2018, 08:20 AM

Ok, so, after I run it, what are the next steps? Linux always has next steps!

bathory · 10-09-2018, 08:59 AM

Quote:

Originally Posted by vinmansbrew

Ok, so, after I run it, what are the next steps? Linux always has next steps!

You should (re)start the httpd service.

vinmansbrew · 10-09-2018, 09:32 AM

Hmm, that just seems too easy. I mean, I knew I had to restart the service, but I figured that there would be more hoops!