I was moving a customer’s website from its old dedicated web server to a shiny new one, installing CentOS 5 on it with Apache 2.2 (known simply as "httpd" on RedHat Enterprise Linux and therefore CentOS, which is derived from RHEL) and MySQL 5.0. They already had a secure certificate running on the old site, so I copied the certificate files over and the secure server settings into the appropriate configuration file.
"Invalid command ‘SSLEngine’" Error
I then ran the command
sudo service httpd reload
to reload Apache and take in the new configuration settings but instead of it being reloaded I got this error message instead:
Syntax error on line 35 of /etc/httpd/vhosts.d/plates.conf: Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
Checking to see if mod_ssl was installed
I had forgotten to install mod_ssl as part of Apache. I then ran the command:
yum search mod_ssl
which revealed:
$ yum search mod_ssl Loading "installonlyn" plugin Setting up repositories Reading repository metadata in from local files mod_ssl.x86_64 1:2.2.3-6.el5.centos.1 base Matched from: mod_ssl The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. mod_ssl.x86_64 1:2.2.3-7.el5.centos updates Matched from: mod_ssl The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
Install mod_ssl and restart Apache
So all I needed to do was:
sudo yum install mod_ssl
This automatically configured Apache to use SSL when it was restarted, by adding the file /etc/httpd/conf.d/ssl.conf which contains the necessary stuff to enable SSL. I restarted Apache with the following command and was good to go:
sudo service httpd restart
Update: I discovered that there were errors and it wasn’t actually using the valid secure certificate. Read more details about this in the Default virtualhost’s secure certificate used with mod_ssl post.