Invalid command ‘SSLEngine’

CentOS release 4.5 (Final)

Server version: Apache/1.3.37 (Unix)

You can get this error for lots of reasons (including the mod_ssl.c module not being loaded) but my problem to day was the above error spat out by:

apachectl configtest

The reason is that apachectl DOES NOT define SSL (i.e. when it’s checking the config file). Therefore the httpd.conf will ALWAYS look broken if mod_ssl.c specific directives are in it. That is unless they are bracketed with:

<IfDefine SSL> or <IfModule mod_ssl.c>

in which case what’s the point of using “apachectl configtest” to test the config file?

httpd -S

gives the same error unless you also pass -DSSL like this:

httpd -S -DSSL

Be safe: use the actual boot scripts to stop and start the server if you’re using SSL:

/etc/init.d/httpd stop

/etc/init.d/httpd startssl

WHM / cPanel :

You may get errors for SSLEngine while installing SSL from WHM :

Syntax error on line 29945 of /usr/local/apache/conf/httpd.conf.installssl.1210663778.980885407.445848-domain.com:
Invalid command ‘SSLEngine’, perhaps mis-spelled or defined by a module not included in the server configuration

root@devel [/usr/share/ssl/private]# service httpd startssl
[Tue Jul 18 15:51:15 2006] [warn] module bytes_log_module is already loaded, skipping
Syntax error on line 1211 of /usr/local/apache/conf/httpd.conf:
Invalid commandSSLEngine‘, perhaps mis-spelled or defined by a module not included in the server configuration
/etc/init.d/httpd startssl: httpd could not be started

Fix:

Rebuild Apache using easyapache or from WHM which will fix the issue with SSL.

root@devel [/usr/share/ssl/private]# service httpd restart
/etc/init.d/httpd restart: httpd not running, trying to start
/etc/init.d/httpd restart: httpd started

Leave a Comment