Issue of httpd stopping in Red Hat Enterprise Linux 5.8/6.2
Added supplementary explanation in Target.
Overview of issue
“httpd” in RHEL cannot start or was stopped from December 26th, 2016.
How to check
When meeting the conditions the error messages are displayed in /var/log/httpd/error_log
[error] Certificate not verified: ‘Server-Cert’
[error] SSL Library Error: -8181 Certificate has expired
[error] Unable to verify certificate ‘Server-Cert’. Add “NSSEnforceValidCerts off” to nss.conf so the server can start until the problem can be resolved.
Virtual Server deployed from OS License RHEL5.8/6.2 Virtual Server Template in ECL1.0
(Including private catalog template based on these templates or updated minor version Virtual Server (ex. 6.2->6.3) by customer. )
“mod_nss” certification is expired.
“mod_nss” is encryption module for Network Security Service in Apache Web Server.
Customer who does not use Network Security Services please configure following settings on Guest OS.
Add “NSSEnforceValidCerts off” in /etc/httpd/conf.d/nss.conf to configure.
For reference How to know certification expiration date
Please execute command below.
# certutil -L -d /etc/httpd/alias -n Server-Cert
Not Before: Tue Dec 15 06:23:34 2015
Not After : Sun Dec 15 06:23:34 2019 (expiration date)