Apache Won't Start After Generating Self Signed Cert


Staff member
Apache won't start, with error...

1:08:52 a.m.  [Apache]  Error: Apache shutdown unexpectedly.
1:08:52 a.m.  [Apache]  This may be due to a blocked port, missing dependencies, 
1:08:52 a.m.  [Apache]  improper privileges, a crash, or a shutdown by another method.
1:08:52 a.m.  [Apache]  Press the Logs button to view error logs and check
1:08:52 a.m.  [Apache]  the Windows Event Viewer for more clues
1:08:52 a.m.  [Apache]  If you need more help, copy and post this
1:08:52 a.m.  [Apache]  entire log window on the forums

Apache was working prior to me generating a self signed certificate following <a href="http://robsnotebook.com/xampp-ssl-encrypt-passwords" rel="nofollow noreferrer">these instructions</a>. I also updated the virtual hosts file with port 443 redirects.

Apache logs don't tell me anything useful since an error isn't generated on attempt to start Apache. I've checked netstat and nothing is on 443.

Edit: I got the server up again by commenting out

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

So something in my SSL config is making it fail to start. As far as I know I have set up the cert and keyfile correctly in the SSL config.

Edit 2: Running
httpd -t
I got the error
SSLCertificateFile: file 'C:/my/xampp/location/apache/conf/ssl.crt/server.crt' does not exist or is empty

And sure enough the crt file I created is empty! The key file isn't though. I'll try to recreate it.

Edit 3: OK I recreated the .crt and key file and they both have stuff in it. The conf syntax passes, but Apache won't start. I can now see an error:
Certificate and private key www.example.com:443:0 from /conf/ssl.crt/server.crt and /conf/ssl.key/server.key do not match
AH00016: Configuration Failed

Do I have to have the common name, when settng up the cert, match exactly the server name? i.e. If the server name in virtual hosts is www.example.com:443, do I have to include the port in the fully qualified domain URL common name?

Edit 4: Seeing as my config seems good now I tried a <a href="https://latunyj.wordpress.com/2011/...ificate-in-xampp-win32-for-apache-web-server/" rel="nofollow noreferrer">different tutorial</a> and the cert seems OK but I get the error <a href="https://serverfault.com/questions/444400/error-when-trying-to-start-apache-after-installing-ssl-cert">described here</a>.
openssl x509 -in my.crt -text
indicates an odd sized block at the end of the cert. I can't understand how a newly generated cert would be corrupt. Am I missing something?

Background is that I had an error trying to set up Let's Encrypt to generate a portable SSL cert for my Win XAMPP server (I was doing this on an Ubuntu machine since it's easier there to use the client). But I got "<a href="https://community.letsencrypt.org/t...lenge-error-when-i-try-renew-certificate/9405" rel="nofollow noreferrer">Correct zName not found for TLS SNI challenge</a>”. One of the suggestions was to have a self signed cert first. Which led me to trying the above.