1

I get a problem in 18.04.I want to configure the SSL for my website, so I edit the profile in etc/apache2/ports.conf and add the line like Listen 443, but when I do service apache2 restart the apahce service can't be restarted but it just work fine in 16.04 like that.Then I delete the line Listen 443 and the Apache service works again..

It says:Job for apache2.service failed because the control process exited with error code.See "systemctl status apache2.service" and "journalctl -xe" for details.

journalctl -xe:

 ubuntu apachectl[2867]: AH00526: Syntax error on line 8 of /etc/apache2/ports.conf:
 ubuntu apachectl[2867]: Cannot define multiple Listeners on the same IP:port
 ubuntu apachectl[2867]: Action 'start' failed.
 ubuntu apachectl[2867]: The Apache error log may have more information.
 ubuntu systemd[1]: apache2.service: Control process exited, code=exited status=1
 ubuntu systemd[1]: apache2.service: Failed with result 'exit-code'.
 ubuntu systemd[1]: Failed to start The Apache HTTP Server.

The line 8 is just what I add.. It dose work in 16.04 if I do the same thing, I want to know is anything changed in 18.04?

pa4080
  • 29,351
  • 10
  • 85
  • 161
OBENMO
  • 13
  • 1
  • 4

1 Answers1

0

I've conducted a small investigation - yes there is a different behaviour between Apache2's versions that come with Ubuntu 16.04 and Ubuntu 18.04.

  • 16.04 comes with Apache/2.4.18 and there is no matter how many times you will repeat identical Listen directives - I've tested that on a virtual machine.

  • 18.04 comes with Apache/2.4.29 and in the current Apache2.4 documentation is written:

    Error condition

    Multiple Listen directives for the same ip address and port will result in an Address already in use error message.

In your case the directive Listen 443 appears twice within the Apache's configuration, so according to these new rules it is normal to receive the above error.

By default, within ports.conf, the directive Listen 443 is enclosed with <IfModule> tags, as follow:

Listen 80

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

That means it will be active only when mod_ssl (or mod_gnutls) is enabled. So, if you have enabled mod_ssl, you do not need to put any additional Listen 443.

You can investigate how many times and where the directive Listen 443 appears in your configuration by the command:

grep -rni 'listen 443' /etc/apache2/

You can check which Apache's modules are enabled by the command(s):

sudo apachectl -M
sudo apachectl -M | grep 'ssl\|tls'

You can check whether any service listen to port 443 and which is it by the commands:

sudo lsof -i -n -P | grep ':443'
sudo netstat -peanut | grep ':443'

Further reading: How to secure Apache with Let's Encrypt.

pa4080
  • 29,351
  • 10
  • 85
  • 161
  • Thank you,it just like you say I enable the `mod_ssl`.But I enable the mod_ssl and add the line `Listen 443` at the same time in 16.04 it just work fine.So I'm not sure if someting has changed in 18.04 at this point.By the way,I want to know do `Listen 443` and the `mod_ssl` make the same effect on the SSL configuration so that I can just open one of them,thanks. – OBENMO Aug 29 '18 at 09:20
  • @OBENMO, you are right. There is a difference, I've rewrote my answer. – pa4080 Aug 29 '18 at 15:21
  • @OBENMO: If [this] answer was helpful to you, then please consider marking it as the [accepted answer](https://askubuntu.com/help/accepted-answer) (by click on the grey tick ✓ left to it) so others may more easily find it in the future. This is also a polite way to thank the person answering your question for helping you out. This is also a part of the mechanism that makes StackExchange format to work so nice. – pa4080 Aug 30 '18 at 16:42
  • Oh sry.I'm new here. I marked it just now ;-) – OBENMO Sep 03 '18 at 08:19