Package: libapache2-mod-md Version: 0.9.0-1 Severity: grave Dear Ondřej,
I've installed libapache2-mod-md on a machine (Raspberry Pi) running Debian Unstable where apache2 was already installed. I've disabled all previous site configurations and wrote a new site configuration from scratch and only enabled that site: ---8<--- ServerAdmin a...@deuxchevaux.org ServerName ….deuxchevaux.org ManagedDomain ….deuxchevaux.org # Requires libapache2-mod-md ≥ 0.9.4 #MDRequireHttps temporary DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <VirtualHost *:80> Protocols h2 h2c http/1.1 </VirtualHost> <IfModule mod_ssl.c> <VirtualHost *:443> Protocols h2 http/1.1 SSLEngine on </VirtualHost> </IfModule> --->8--- "apache2ctl configtest" said that everything is fine: "Syntax OK". Upon "service apache2 restart" I though got the following lines in the error.log: ---8<--- [Sat Sep 30 18:39:45.407137 2017] [ssl:emerg] [pid 4976:tid 1995292672] AH02572: Failed to configure at least one certificate and key for ….deuxchevaux.org:443 [Sat Sep 30 18:39:45.407356 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:02001002:system library:fopen:No such file or directory (fopen('/etc/apache2/md/domains/….deuxchevaux.org/privkey.pem','r')) [Sat Sep 30 18:39:45.407449 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:2006D080:BIO routines:BIO_new_file:no such file [Sat Sep 30 18:39:45.407621 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned [Sat Sep 30 18:39:45.407675 2017] [ssl:emerg] [pid 4976:tid 1995292672] AH02312: Fatal error initialising mod_ssl, exiting. AH00016: Configuration Failed --->8--- According to https://github.com/icing/mod_md/wiki/2.4.x-Installation, this module needs either Apache 2.5/2.6 (not yet in Debian) or a patched Apache 2.4, otherwise I'd get the AH02572 error message and an SSL Library Error. Which I got, see above. So I checked apache2's changelog.Debian.gz for inclusion of such a patch but found none. I also checked https://bugs.debian.org/src:apache2 for an according request to include such a patch, but haven't found any either. So I assume that libapache2-mod-md is currently not usable at all with plain Debian unstable. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 'stable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: armhf (armv7l) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages libapache2-mod-md depends on: ii apache2-bin [apache2-api-20120211] 2.4.27-6 ii libapr1 1.6.2-1 ii libaprutil1 1.6.0-2 ii libc6 2.24-17 ii libcurl3-gnutls 7.55.1-1 ii libjansson4 2.10-1 ii libssl1.1 1.1.0f-5 libapache2-mod-md recommends no packages. libapache2-mod-md suggests no packages. -- no debconf information