1. Check the service log and see the following error from the /var/log/ HTTPD /nss_error_log file:
[Sat Aug 20 08:17:49 2016] [error] NSS_Initialize failed. Certificate database: /etc/httpd/alias.
[Sat Aug 20 08:17:49 2016] [error] SSL Library Error: -8038 SEC_ERROR_NOT_INITIALIZED
[Sat Aug 20 08:17:49 2016] [error] NSS_Initialize failed. Certificate database: /etc/httpd/alias.
[Sat Aug 20 08:17:49 2016] [error] SSL Library Error: -8038 SEC_ERROR_NOT_INITIALIZED
It says certificate problem. Check the certificate: Discovery time expired
“Certutil-d /etc/httpd/ Alia-L-n Server-CERT”
2. The default time of installation of the certificate is 4 years.
3. Treatment:
1. If you don’t need to use mod_nss module, that the/etc/HTTPD/conf. Directly to the d/NSS. The conf file renaming or deletion; 2. Do not verify certificate expiration time, add nssenforcidcerts off configuration in nss.conf;
3. Is to regenerate the new certificate; Be sure to delete the old certificate database file before generating a new certificate
CD/etc/HTTPD/alias
The rm -f *. The db
The/usr/sbin/gencert/etc/HTTPD/alias & gt; /etc/httpd/alias/install.log 2> & 1
Certutil-d /etc/httpd/ Alia-L-n Server-CERT
Chmod 750 *.db (because it operates under root, it generates permissions that are root permissions)
Restart the HTTPD
 

Reproduced in: https://www.cnblogs.com/Fle-x/articles/5789614.html