Apache2 restart failed

Hi Everyone

I have been inactive in the group for almost 6 months, but now I come back to follow the newest things in this beautiful Cpanel.

Basically, I have created a mail domain in the Mail tab, trying to use the Cloudflare SSL certificate for webmail. My website has Cloudflare protection, but to feed my curiosity I did Enable SSL for this mail domain and choose Let’s encrypt to be created.

Now the entire website is down and the website shows me an Invalid SSL certificate page.

I believe I made something wrong with Let’s encrypt at the time I issued the certificate.
Any thoughts?

What do your logs say?

where the log file of this error is located? so I can access to read it.

here is the error log, finally

 server certificate does NOT include an ID which matches the server name

That should be no issue …


There is a problem with that. I just need some hints to find out where the root issue is so I can dig deeper.

Systemctl status apache2

apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Fri 2023-04-14 08:28:02 EET; 36s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 8492 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
        CPU: 14ms

Apr 14 08:28:02 hcp.shavecode.codes systemd[1]: Starting The Apache HTTP Server...
Apr 14 08:28:02 hcp.shavecode.codes apachectl[8494]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using hcp.shavecode.codes>
Apr 14 08:28:02 hcp.shavecode.codes apachectl[8494]: (98)Address already in use: AH00072: make_sock: could not bind to address 10.0.0.198:8443
Apr 14 08:28:02 hcp.shavecode.codes apachectl[8494]: no listening sockets available, shutting down
Apr 14 08:28:02 hcp.shavecode.codes apachectl[8494]: AH00015: Unable to open logs
Apr 14 08:28:02 hcp.shavecode.codes systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE
Apr 14 08:28:02 hcp.shavecode.codes systemd[1]: apache2.service: Failed with result 'exit-code'.
Apr 14 08:28:02 hcp.shavecode.codes systemd[1]: Failed to start The Apache HTTP Server.
lines 1-15/15 (END)

Looks like apache couldn’t bind to 10.0.0.198 address

1 Like

you’ve something already running on port 8443, you’ll need to find out what it is and stop it.

any advice on to check the error log

No, not really, this are strong basics - you should know how to check error logs (which you currently do not need anymore, you need now to find the process sitting on port 8443). I’m not providing any help for this, please google “how to find process which blocks port on linux” on your own.

1 Like

Ok, since this is a good chance to learn, here is my try to find out what process use the specific port.

First I ran this command

netstat -ano -p tcp

and here is the outcome

tcp        0      0 10.0.0.198:8443         0.0.0.0:*               LISTEN      15621/nginx: master  off (0.00/0/0)

So looks like the Nginx master server is taking over the port.

Next, I decided to kill the process just to see the result, so I ran this command and specify the PID

kill 15621

But still, the issue is not being resolved. I know I killed the Nginx master server. I should note that I am using a Cloudflare certificate, I kind having a sense that the problem comes from this part, but couldn’t find out where to start.

Not likely. Your certificate has nothing to do with port bindings. You may not know what you changed, but you have so have introduced conflicting directives that are instructing to different webservers to bind to the same port and address combination.

Do you have any backups that you can reference to aid you in locating the breaking change that you introduced to your configuration?

Not really, what I can do is just make the backup for my website (wordpress data) and reinstall the hestiaCp

It looks like something is already listening on port 80. sudo netstat -plan | grep LISTEN should tell you what process is using that port, and you can go from there to deciding what to do..

I ran into this error after restoring a hestiacp image to a new machine. fixed it by running: v-update-sys-ip