XAMPP: Error 1! Couldn't start Apache!

Oppsss, I got this error message when I tried to edit the SSL certificate in XAMPP on my application server. Honestly, it makes me panic! Know what, I can't running the Apache services. When I tried to run the command it shows an error like this

[root@pknp ~]# /opt/lampp/lampp start
Starting XAMPP for Linux 1.5.3a...
XAMPP: Starting Apache with SSL (and PHP5)...
XAMPP: Error 1! Couldn't start Apache!
XAMPP: Starting diagnose...
XAMPP: Sorry, I've no idea what's going wrong.
XAMPP: Please contact our forum http://www.apachefriends.org/f/

I'm searching on the Internet and exactly I've found it from XAMPP website. It said that I need to type the below command:

[root@mybox ~]#tail -2 /opt/lampp/logs/error_log and then it shows what is the type of error

[root@pknp ~]# tail -2 /opt/lampp/logs/error_log
[Sun Oct 07 10:11:52 2007] [error] Unable to configure RSA server private key
[Sun Oct 07 10:11:52 2007] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

As I expect earlier, it is caused by the SSL editing. I didn't know how this thing happen. 
Maybe there is some misconfigration or the XAMPP version compatibility. When i write this post, I'm using XAMPP for Linux 1.5.3a while the new version is available, XAMPP Linux 1.6.3b. After a few attempt to start the Apache in XAMPP is fail, I was thinking how stupid am I not backup the original certificates files. Now the things come worst. But, I was thinking, Hey, I've got another server (database) that also using XAMPP. Why not I copy that certificate file in that server and replace it back to the original state of my application server.
Fortunately, I still didn't make any configuration to that database server. So, I just copy the files (server.crt and server.key) and replace it to on my application server. 
The I tried to restart the XAMPP back and YESSS!!!! It back on track again. So, the moral is, please BACKUP your original file first before you are going to edit it. 
If not, then it will become a nightmare for you. :-P 





 

Create A Self-signed SSL Certificate in XAMPP

I have added a plugins for my webmail (Squirrelmail). 
It is Secure Login plugins. 
This plugins enables a secure HTTPS/SSL-encrypted connection
for my SquirrelMail login page. So, it can secure my email access. 
As I'm using Apache in XAMPP, the generated SSL certificate are using the default setting.
When I view the certificate, it show's a default XAMPP Apache setting like below :


Issued To
Common Name (CN)           localhost
Organization (O)               Apache Friends
Organization Unit (OU)      
Serial Number                   00

Issued By
Common Name (CN)           localhost
Organization (O)               Apache Friends
Organization Unit (OU)     


So, to create my own self-signed SSL certificate, I need to edit the certain file make a few tuning. So that, the certificate will be no longer using a default XAMPP setting.

1. Open a terminal/console at local or do it remotely through SSH access


2. The first thing that need to do is, create a RSA Private Key by using the below command.

[root@mybox ~]#openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus
.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase: enter the desired pass phrase
Verifying password - Enter PEM pass phrase: same as a above


3. The next step is to create a Certificate Signing Request (CSR). CSR is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. User will be prompt to enter an information that related to CSR certificate. To create a CSR, enter the below command.

[root@mybox ~]#openssl req -new -key server.key -out server.csr

Country Name (2 letter code) [GB]:type your 2 letter country code
State or Province Name (full name) [Berkshire]:type your state or province name
Locality Name (eg, city) [Newbury]:type your city name
Organization Name (eg, company) [My Company Ltd]:type your company name
Organizational Unit Name (eg, section) []:type your department
Common Name (eg, your name or your server's hostname) []:type your server hostname
Email Address []:type your email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:type your password
An optional company name []:type your company name


4. The next step is to remove the passphrase key. It is because if you enable the passphrase, Apache will ask for the pass-phrase each time the web server is started. It will be a problem if the server is restarted as the user always need to type the passphrase. The below command will remove the passphrase.

[root@mybox ~]#cp server.key server.key.org
[root@mybox ~]#openssl rsa -in server.key.org -out server.key


5. To generating a Self-Signed Certificate, enter the below command. As this certificate is not verified by Certificate Authority such as Thawte or Verisign, your browser will notice an error inform you that the signing certificate authority is unknown and not trusted. Bear in mind that this is self-signed certificate. So, you should ignore that error message.

[root@mybox ~]#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt


6. Installing the Private Key and Certificate is simple. All you need to do is to know where are your XAMPP Apache directory. I assume that, we are using the default XAMPP directory, /opt/lampp. So, copy the two below files, ssl.crt and ssl.key to the XAMPP directory.

[root@mybox ~]#cp server.crt /opt/lampp/etc/ssl.crt
[root@mybox ~]#cp server.key /opt/lampp/etc/ssl.key/server.key

When you are being asked to overwritten the file, just type yes and hit Enter.


7. Restart Apache and test to access your site. Check the certificate and make sure the information that you have insert is correct.


8. Finish! Your configuration is done. Good luck :-)