Renewing Apache SSL Certificate

Question

I have an apache server running on port 443 with an expired SSL certificate. I created a new certificate today and I want to replace it.

I am running a red hat machine. So I went in to /etc/httpd/conf.d/ssl.conf and replaced the path to the existing SSL certificate to the new one. After restarting the server, somehow it is still pointing to the old certificate.

Can anyone give me a hand with this?

Thanks in advance!

Answer 1

There could be more than one thing going on: there is another install of the httpd server and that is the one that is running or there are multiple .conf files. I would try a broad answer.

First find the config folder for apache:

 $ httpd -V
Server version: Apache/2.2.15 (Unix)
 .......
 ....... 
-D DEFAULT_PIDLOG="run/httpd.pid"
-D HTTPD_ROOT="/etc/httpd"
-D SERVER_CONFIG_FILE="conf/httpd.conf"

Now check to see the number of vhosts that are defined in any of the .conf files anywhere. And / or you could simply grep for "SSLCertificateFile" that is used to specify the certificate and figure out which vhost it belongs to and make that update there.

Unless the main .conf file points to .conf files outside of the HTTPD_ROOT, you should be successful.

EDIT 1: Remember to make sure that the pid that you get from the above matches that of the running Apache httpd.

$ cat  /etc/httpd/run/httpd.pid
23799
root@devssl1-m1-ap-->/app/workspace/eclipse/rcmtools/ccc/trunk
$ ps -eaf | grep httpd
root     23799     1  0 Mar06 ?        00:00:04 /usr/sbin/httpd -k start

Answer 2

You should check the configuration file for the vhost you are accessing. Maybe the path is redefined there.