Level: Critical

Purpose: To check the Apache httpd error log for SSL errors using string “Unable to configure RSA server private key” in file /var/log/httpd/ssl_error_log

Scenario: The Apache httpd service is in error due to SSL key loading issue.

Resolution: Check the private key to see if it has changed recently

Manual Action Steps: Check if the key found at /etc/httpd/conf/ssl/certificateKey.key has changed recently.

ls -l /etc/httpd/conf/ssl/ 

If it has changed, you can revert it using the one stored in the deployment playbooks in the environments folder. Back up the current server key before making any changes, then copy the contents of the stored one into it, and restart the httpd service.

sudo service httpd restart

Auto Clear: Will not clear until the httpd logs are rotated, which is usually every week. This alert uses mtail and if the mtail service is restarted, it will clear the alert. Warning that restarting mtail will reset all active alerts for that server.

sudo service mtail restart