0 Replies Latest reply: Nov 23, 2012 3:00 AM by Mike Matthews
Mike Matthews Level 1 Level 1 (10 points)



Running Lion Server 10.7.5.


Two messages in the Alerts window in Server notified me that a self-signed certificate and a code-signing certificate for the server had both expired. I clicked the Recover button for each and got a successfull result (apparently updating the expired certificates).


But the Edit button in the server's settings pane is dimmed, and no certificate is listed. (Oddly, I can see the two certificates using Server Admin and looking at the Open Directory service's Settings > LDAP panel. I can also choose a certificate and save it.)


The problem is that I can make a VPN connection and get assigned an IP address, but ultimately the connection fails with the error: The PPP server could not be authenticated. I think this may have something to do with the certificate not being recognized. (Also odd: I was able to connect twice via VPN, but I have no idea why it was just those two times. I've done numerous restarts and tried to connect immediately, but that doesn't seem to be the answer.)


The System log tells me there's a Syntax error on Line 11 of /etc/apache2/sites/0000_any80_.conf. Line 11 reads "SSLProxyEngine On".


Further, selecting the Web service in Server shows "Error Reading Settings". This server is not running any web services, I don't believe. It's running Address Book, File sharing, iCal, Time Machine, and VPN. (And Server Admin lists DNS and Open Directory.)


I had a Carbon Copy Cloner backup of the hard drive, so I booted from it. The certificate expirations appeared in the Alerts window. But before clicking Recover, I checked the server's settings pane and the Edit button was already dimmed and no SSL certificate was listed. Also can't connect via VPN (same error as above) and selecting the Web service in Server also shows "Error Reading Settings".


Any ideas? Would some sort of reset of the web server configuration files be in order? Or some way to get Server to recognize the certificates? Or both?