Apache - Init: Can't open server private key file

David Williams picture David Williams · Mar 7, 2014 · Viewed 11.7k times · Source

I am enabling ssl on my apache running on localhost. I generated a self signed certificate and put it in a usual place:

[david@david web]$ ll /etc/ssl/certs/
...
-rwxrwxrwx. 1 david david    977 Mar  7 13:18 localhost.crt
-rwxrwxrwx. 1 david david    712 Mar  7 13:16 localhost.csr
-rwxrwxrwx. 1 david david    963 Mar  7 13:12 localhost.key

But when I restart Apache, the server fails and I receive the following in the error log:

[Fri Mar 07 13:29:17 2014] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Fri Mar 07 13:29:17 2014] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Mar 07 13:29:17 2014] [error] (13)Permission denied: Init: Can't open server private key file /etc/ssl/certs/localhost.key

The permissions look ok to me, what am I doing wrong?

Answer

Sfblaauw picture Sfblaauw · Sep 17, 2015

This is because you probably uploaded the file(s) first to one of your home directories and then moved them somewhere in the /etc directory. To correct the context of this file, execute the following command:

restorecon -RvF /etc/ssl/certs/

and restar Apache service httpd restart.

Hope it helps.