Re: How to restart apache after reboot on ubuntu 16.04?

[Dr James Smith <js5@xxxxxxxxxxxx>]

It may be possible to write your own auto-renewal script relatively easily for LetsEncrypt. I have done for Apache as (a) I don't use the standard paths and setup, (b) I wish to use HPKP on my servers for additional security and "Lets Encrypt" auto scripts generate a new key each time which breaks this (the signature changes and is unpredictable) - so my script generates a lets encrypt request with the appropriate key (either the same OR the backup key I've already generated) I now have a relatively simple script which reads my config file and generates keys accordingly if required (the only thing it doesn't do is restart the server for the new certificates to be read) but it does inform me this is happening. It shouldn't be to difficult for nginx to do similar

On 17/08/2016 20:23, R wrote:

It seemed like the auto-renewal process for ssl from LetsEncrypt is not supported yet for nginx, at least according to this article on its publication date:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

My needs are really simple and I wanted to go with whichever would be simpler to setup.

On Wed, Aug 17, 2016 at 2:50 PM, Dr James Smith <js5@xxxxxxxxxxxx> wrote:

Depends on your backends - nginx is good if it is serving primarily static files and or proxying back to quick responding backends. It seems to be less well suited to slower/heavier backends. Apache always seems to work - slower mind you - but always seems to work... So if reliability is your requirement then nginx may be a problem!

On 17/08/2016 19:41, Erik Dobák wrote:

why did not you use nginx anyway? should be faster and modern. did not
have the chance to try that yet myself. still using apache everywhere.

On 17 August 2016 at 03:18, R <bittransfer2000@xxxxxxxxx> wrote:

Ugh sorry, I had a test installation of nginx on the machine, which was not
fully removed after doing "apt-get remove". Looks like it would still start
up somehow. After I purged nginx, then apache2 started ok after reboot.

Thanks

On Tue, Aug 16, 2016 at 8:57 PM, R <bittransfer2000@xxxxxxxxx> wrote:

Hi, this is everything from cat /var/log/apache2/error.log:

[Mon Aug 15 13:42:17.138117 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00489: Apache/2.4.18 (Ubuntu) configured -- resuming
normal operations
[Mon Aug 15 13:42:17.138282 2016] [core:notice] [pid 26081:tid
139773925775232] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 14:55:14.003814 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00493: SIGUSR1 received.  Doing graceful restart
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/]
does not exist
AH00558: apache2: Could not reliably determine the server's fully
qualified domain name, using 127.0.1.1. Set the 'ServerName' directive
globally to suppress this message
[Mon Aug 15 14:55:14.054552 2016] [ssl:warn] [pid 26081:tid
139773925775232] AH01906:x:0 server certificate is a CA certificate
(BasicConstraints: CA == TRUE !?)
[Mon Aug 15 14:55:14.054736 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00489: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g-fips
configured -- resuming normal operations
[Mon Aug 15 14:55:14.054747 2016] [core:notice] [pid 26081:tid
139773925775232] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 14:55:20.854353 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00493: SIGUSR1 received.  Doing graceful restart
AH00558: apache2: Could not reliably determine the server's fully
qualified domain name, using 127.0.1.1. Set the 'ServerName' directive
globally to suppress this message
[Mon Aug 15 14:55:20.865056 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00489: Apache/2.4.18 (Ubuntu) configured -- resuming
normal operations
[Mon Aug 15 14:55:20.865076 2016] [core:notice] [pid 26081:tid
139773925775232] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 14:55:23.807722 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00493: SIGUSR1 received.  Doing graceful restart
AH00558: apache2: Could not reliably determine the server's fully
qualified domain name, using 127.0.1.1. Set the 'ServerName' directive
globally to suppress this message
[Mon Aug 15 14:55:23.840209 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00489: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g-fips
configured -- resuming normal operations
[Mon Aug 15 14:55:23.840217 2016] [core:notice] [pid 26081:tid
139773925775232] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 14:55:31.995008 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00493: SIGUSR1 received.  Doing graceful restart
AH00558: apache2: Could not reliably determine the server's fully
qualified domain name, using 127.0.1.1. Set the 'ServerName' directive
globally to suppress this message
[Mon Aug 15 14:55:32.023059 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00489: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g-fips
configured -- resuming normal operations
[Mon Aug 15 14:55:32.023076 2016] [core:notice] [pid 26081:tid
139773925775232] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 14:56:04.269625 2016] [ssl:error] [pid 29903:tid
139773645637376] [client 64.41.200.108:39890] AH02042: rejecting client
initiated renegotiation
[Mon Aug 15 18:40:58.774299 2016] [ssl:error] [pid 29904:tid
139773819877120] [client 64.41.200.105:34645] AH02042: rejecting client
initiated renegotiation
[Mon Aug 15 19:07:02.626527 2016] [mpm_event:notice] [pid 26081:tid
139773925775232] AH00491: caught SIGTERM, shutting down
[Mon Aug 15 19:07:03.939317 2016] [mpm_event:notice] [pid 2548:tid
140489013651328] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41
OpenSSL/1.0.2g-fips configured -- resuming normal operations
[Mon Aug 15 19:07:03.939444 2016] [core:notice] [pid 2548:tid
140489013651328] AH00094: Command line: '/usr/sbin/apache2'
[Mon Aug 15 19:13:44.445770 2016] [mpm_event:notice] [pid 2548:tid
140489013651328] AH00491: caught SIGTERM, shutting down
[Mon Aug 15 19:13:45.265839 2016] [mpm_event:notice] [pid 2705:tid
140547327522688] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41
OpenSSL/1.0.2g-fips configured -- resuming normal operations
[Mon Aug 15 19:13:45.265879 2016] [core:notice] [pid 2705:tid
140547327522688] AH00094: Command line: '/usr/sbin/apache2'
[Tue Aug 16 20:12:44.384947 2016] [mpm_event:notice] [pid 2705:tid
140547327522688] AH00491: caught SIGTERM, shutting down


On Tue, Aug 16, 2016 at 6:46 PM, Rodrigo Cunha <rodrigo.root.rj@xxxxxxxxx>
wrote:

execute
cat /var/log/apache2/error.log
and post stdout

2016-08-16 19:26 GMT-03:00 R <bittransfer2000@xxxxxxxxx>:

Hi,

I've installed apache on my Ubuntu 16.04 machine as follows:

     sudo apt-get install apache2

and it works fine. It does not restart on its own though after a reboot.
Are there other Ubuntu 16.04 users that have it restarting on reboot?

Thanks

--
Atenciosamente,
Rodrigo da Silva Cunha

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

--
The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.