Cyberithub

Solved: AH00558: httpd: Could not reliably determine the server's fully qualified domain name

Advertisements

In this article, we will look into the steps required to solve  "AH00558: httpd: Could not reliably determine the server's fully qualified domain name," error. the Recently I was working to bring up my Apache web server to host my PHP Applications on Port 443 but while bringing up the service I noticed "AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message" error on the output. So I thought to put all the troubleshooting steps in an article so that it will help you guys also if you are facing the same issue.

Solved: AH00558: httpd: Could not reliably determine the server's fully qualified domain name 2

AH00558: httpd: Could not reliably determine the server's fully qualified domain name

Also Read: Dynamic Memory Allocations with malloc(), calloc(), free() and realloc() functions in C

Advertisements

Step 1: Check the httpd Service Status

After setting up my Apache web Server when I restarted the httpd service using service httpd restart command then I saw that the httpd.service is failing with below error message.

[root@localhost private]# service httpd restart
Redirecting to /bin/systemctl restart httpd.service
Job for httpd.service failed because the control process exited with error code.See "systemctl status httpd.service" and "journalctl -xe" for details.

I tried to check the complete error message on the output by checking the httpd service status using service httpd status -l command as shown below.

Advertisements
[root@localhost ~]# service httpd status -l
Redirecting to /bin/systemctl status -l httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2020-10-14 06:06:41 EDT; 44s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 6576 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 6576 (code=exited, status=1/FAILURE)

Oct 14 06:06:40 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
Oct 14 06:06:41 localhost.localdomain httpd[6576]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Oct 14 06:06:41 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 14 06:06:41 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
Oct 14 06:06:41 localhost.localdomain systemd[1]: Unit httpd.service entered failed state.
Oct 14 06:06:41 localhost.localdomain systemd[1]: httpd.service failed.

NOTE:

Please note that here I am using root user to run all the below commands. You can use any user with sudo access to run all these commands. For more information Please check Step by Step: How to Add User to Sudoers to provide sudo access to the User.

Step 2: Check journalctl Logs

If you want to check more about the error then you can look for journalctl logs using journalctl -xe command as shown below. You can check 32 Best journalctl command examples in Linux(Redhat/CentOS) Part-1 and 32 Best journal command examples in Linux(RedHat/CentOS) Part - 2 to know more about journalctl.

Advertisements
[root@localhost ~]# journalctl -xe
Oct 14 05:55:08 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 14 05:55:08 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit httpd.service has failed.
--
-- The result is failed.
Oct 14 06:06:41 localhost.localdomain httpd[6576]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. S
Oct 14 06:06:41 localhost.localdomain systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Oct 14 06:06:41 localhost.localdomain systemd[1]: Failed to start The Apache HTTP Server.
-- Subject: Unit httpd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit httpd.service has failed.
--
-- The result is failed.

Step 3: Check /etc/hosts file

Error is basically talking about using fully qualified domain name so if you are running any local web server then you can first look into the /etc/hosts file and check the mapping of FQDN to IP Address is correct or not. If the Server hostname is published through DNS Server then you need not to verify from this file and you should go ahead with the next steps.

[root@localhost ~]# vi /etc/hosts

Step 4: Check Apache configuration using apachectl

You can also verify the apache configuration by using apachectl configtest command as shown below. This will tell you about any Syntax error or any other error configuration file currently has. In my case it shows the "AH00558: httpd: Could not reliably determine the server's fully qualified domain name" error which means it has some issue.

Advertisements
[root@localhost ~]# apachectl configtest
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
Syntax OK

Step 5: Check Apache ssl.conf configuration file

Next step is to check the apache ssl.conf configuration file. Here you need to check the ServerName directive and verify that Server Name is correct here. Since the error talks about using Global ServerName directive so you can try to provide the ServerName at the end of the file i.e outside any VirtualHost directive as you can see below.

[root@localhost ~]# vi /etc/httpd/config.d/ssl.conf
Add ServerName at the end of ssl.conf
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
ServerName test.cyberithub.com:443

NOTE:

If you notice we are configuring ssl.conf here instead of default apache httpd.conf configuration file. This is because we are enabling https service on Port 443 which also requires mod_ssl module. Generally we use httpd.conf file when we are enabling Apache web service on Port 80.

Step 6: Check SELinux Policy

Then you also need to check the SELinux configuration by using sestatus command. There is a chance that SELinux rule might block the apache service. In our case, currently it is set to enforcing mode so I would like to change the Current mode from Enforcing to Permissive and then check once. If you don't need SELinux, then you can disable it as well.

[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31

We can temporaily disable the SELinux by using setenforce 0 command as shown below and then if we again check the SELinux status using sestatus command then we can see it has now changed to Permissive mode.

[root@localhost ~]# setenforce 0
[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31

Step 7: Check Firewall Rules

If you are running any firewall in your Server then you need to allow the Port 443 through firewall. More on service command Man Page.

[root@localhost ~]# service firewalld status
Redirecting to /bin/systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-10-14 04:17:20 EDT; 2h 9min ago
Docs: man:firewalld(1)
Main PID: 15329 (firewalld)
CGroup: /system.slice/firewalld.service
└─15329 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

Oct 14 04:17:19 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
Oct 14 04:17:19 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Oct 14 04:17:20 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Oct 14 04:17:20 localhost.localdomain firewalld[15329]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will ...g it now.
Hint: Some lines were ellipsized, use -l to show in full.

You can allow https service through firewall using firewall-cmd --zone=public --add-service=https command as shown below. You can check 26 Useful firewall CMD Examples on RedHat/CentOS 7 to know more about firewall-cmd command.

[root@localhost ~]# firewall-cmd --zone=public --add-service=https

Step 8: Check IPTABLES Rules

If you are running IPTABLES in your Server then you need to allow Port 443 from that as well using below iptables command. You can check 30 Most Popular IPTABLES command in Linux to know more about iptables.

[root@localhost ~]# iptables -A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
[root@localhost ~]# iptables -A OUTPUT -p tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT

Step 9: Restart httpd service and Check the Status

Now we can again try to restart the httpd service using service httpd restart command and check if this helps.

[root@localhost ~]# service httpd restart
Redirecting to /bin/systemctl restart httpd.service

This time we do not see any error on the output, so let's check the httpd service status again by using service httpd status command. Here we can see that service is now started successfully without any error.

[root@localhost ~]# service httpd status
Redirecting to /bin/systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since Wed 2020-10-14 06:29:14 EDT; 8s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 6902 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
├─6902 /usr/sbin/httpd -DFOREGROUND
├─6903 /usr/sbin/httpd -DFOREGROUND
├─6904 /usr/sbin/httpd -DFOREGROUND
├─6905 /usr/sbin/httpd -DFOREGROUND
├─6906 /usr/sbin/httpd -DFOREGROUND
└─6907 /usr/sbin/httpd -DFOREGROUND

Oct 14 06:29:14 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
Oct 14 06:29:14 localhost.localdomain systemd[1]: Started The Apache HTTP Server.

Hopefully you found this article useful in resolving "AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message" error.

 

 

 

 

Popular Recommendations:-

How to Install PHP on RedHat/CentOS 7 with Easy Steps

Useful C Program to List Network Interfaces using only 30 Lines of Code

Best Explanation of Wrapper Classes in Java: Autoboxing and Unboxing with Examples

5 Best Ways to Become root user or Superuser in Linux (RHEL/CentOS/Ubuntu)

7 Easy Steps to Install PHP on RHEL 8/CentOS 8

Easy Steps to Install Java on Ubuntu 20.04

Best Steps to Install Java on RHEL 8/CentOS 8

15 ansible-vault command examples to encrypt and decrypt sensitive data/files on Linux

Leave a Comment