Say that you restart apache2 and you get the following lines in your log files:

[error] Init: Unable to read server certificate from file /etc/apache2/ssl/server.pem [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

It means that you screwed up your apache2 config. Grep your configs for Certificate, i.e. (your config should look like this):

$ sudo grep -r Certificate /etc/apache2 | grep -v :# /etc/apache2/vhosts.d/00-default-www.haller.ws.conf: SSLCertificateFile /etc/apache2/ssl/server.crt /etc/apache2/vhosts.d/00-default-www.haller.ws.conf: SSLCertificateKeyFile /etc/apache2/ssl/server.pem

But your config probably says something incorrect like the following:

SSLCertificateFile /etc/apache2/ssl/server.pem

The file extension to apache2 configuration item mapping should look like this:

Apache2 Configuration ItemFile Extension
SSLCertificateFile.crt
SSLCertificateKeyFile.pem


Yay...now I can make subversive comments over ssl!! - Nathan "Just Kidding" Powell
Phew... At least you didn't call me a nutjob. ;)
Err... is there a context for those two comments that I'm missing? -- David W
http://nathanpowell.org/blog/archives/316
@david, Oh him you read?!? What am I chopped liver! - Nathan :)
Yep ;) No actually I read your blog too, but I'm not subscribed comments feed... I suppose I should probably do that. -- David W
Just be happy bignate /has/ a comments feed now. Why are we talking about Nathan on Patrick's site again? -Doug
Because the content sucks? ;) -- Patrick.