Apache Configuration Error AH00526: Syntax error

Updated on July 30, 2020
Apache Configuration Error AH00526: Syntax error


An Apache AH00526: Syntax error message occurs when there is a typo or misconfigured setting somewhere in your Apache configuration files. It is a generic error that can be indicative of a number of underlying problems.

The error can be detected using apachectl configtest before an invalid configuration is loaded. It can also be found using the systemctl and journalctl commands. In the latter two cases, Apache will be unable to run because of the error.

If you have detected the error using apachectl then skip to the Troubleshooting Using the Built in apachectl Command section of this tutorial. Otherwise, the next section will explain how to use systemctl to troubleshoot the error.

Troubleshooting with systemctl

Following the troubleshooting steps from the How to Troubleshoot Common Apache Errors tutorial at the beginning of this series, the first step when you are troubleshooting an AH00526 error is to check Apache’s status with systemctl. It is important to understand if the error affects the running process, or if it is preventing Apache from starting up.

On Ubuntu and Debian derived Linux distributions, run the following to check Apache’s status:

Ubuntu and Debian Systems
  1. sudo systemctl status apache2.service -l --no-pager

On CentOS and Fedora systems, use this command to examine Apache’s status:

CentOS and Fedora Systems
  1. sudo systemctl status httpd.service -l --no-pager

The -l flag will ensure that systemctl outputs the entire contents of a line, instead of substituting in ellipses () for long lines. The --no-pager flag will output the entire log to your screen without invoking a tool like less that only shows a screen of content at a time.

Since you are troubleshooting an AH00526: Syntax error message, you should receive output that is similar to the following:

● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d └─apache2-systemd.conf Active: failed (Result: exit-code) since Wed 2020-07-15 13:45:49 UTC; 1min 37s ago . . . Jul 15 13:45:49 f17f01056c5b systemd[1]: Starting The Apache HTTP Server... Jul 15 13:45:49 f17f01056c5b apachectl[15860]: AH00526: Syntax error on line 2 of /etc/apache2/sites-enabled/000-default.conf: Jul 15 13:45:49 f17f01056c5b apachectl[15860]: Invalid command 'SSSLCertificateFile', perhaps misspelled or defined by a module not included in the server configuration Jul 15 13:45:49 f17f01056c5b apachectl[15860]: Action 'start' failed. Jul 15 13:45:49 f17f01056c5b apachectl[15860]: The Apache error log may have more information. Jul 15 13:45:49 f17f01056c5b systemd[1]: apache2.service: Control process exited, code=exited status=1 Jul 15 13:45:49 f17f01056c5b systemd[1]: apache2.service: Failed with result 'exit-code'. Jul 15 13:45:49 f17f01056c5b systemd[1]: Failed to start The Apache HTTP Server.

In this case, Apache is not running because of the syntax error. The error is caused by an extra S character at the beginning of the SSSLCertificateFile line in the /etc/apache2/sites-enabled/000-default.conf file. The correct directive should be SSLCertificateFile, so editing the file to fix the directive name in this example would resolve the error and allow Apache to start.

The systemctl output in this example also includes some lines from the systemd journal. If your output indicates a specific line in your configuration file is generating the syntax error, you can skip the journalctl and apachectl configtest troubleshooting steps. Instead, you can go directly to the file to inspect and edit the erroneous line to resolve the error.

If your output does not give specific information about the error location in Apache’s configuration files, you will need to examine journalctl output from the systemd logs. The following section explains how to use journalctl to troubleshoot an AH00526 error.

Troubleshooting with journalctl logs

If your systemctl output does not include specifics about an AH00526 syntax error, you can proceed with using the journalctl command to examine systemd logs for Apache.

On Ubuntu and Debian-derived systems, run the following command:

  1. sudo journalctl -u apache2.service --since today --no-pager

On CentOS, Fedora, and RedHat-derived systems, use this command to inspect the logs:

  1. sudo journalctl -u httpd.service --since today --no-pager

The --since today flag will limit the output of the command to log entries beginning at 00:00:00 of the current day only. Using this option will help restrict the volume of log entries that you need to examine when checking for errors.

If you have an AH00526 error in your Apache configuration, look through the journalctl command output for lines like the following:

-- Logs begin at Tue 2019-11-05 21:26:44 UTC, end at Tue 2020-06-09 15:13:01 UTC. -- . . . Jun 09 15:12:28 f17f01056c5b apachectl[3157]: AH00526: Syntax error on line 3 of /etc/apache2/sites-enabled/000-default.conf: Jun 09 15:12:28 f17f01056c5b apachectl[3157]: Invalid command 'SSLCertificateFile', perhaps misspelled or defined by a module not included in the server configuration . . .

The first line of output is the AH00526 error. Since this error is a general error related to an invalid setting or a typo in a configuration file, the next line explains what caused the error. In this case it is a directive called SSLCertificateFile, which will only be valid if the ssl module is enabled.

If you encounter an AH00526 error that is related to an invalid SSLCertificateFile directive, you can resolve it by enabling the ssl module and then restarting Apache to make the error go away.

For Ubuntu and Debian systems, run the following to enable the module:

  1. sudo a2enmod ssl
  2. sudo systemctl restart apache2.service

On CentOS and Fedora systems, ensure that the mod_ssl package is installed, and then load the module by adding it to Apache’s /etc/httpd/conf.modules.d directory in a file like this:

  1. sudo yum install mod_ssl
  2. echo "LoadModule ssl_module modules/mod_ssl.so" | sudo tee > /etc/httpd/conf.modules.d/00-ssl.conf
  3. sudo systemctl restart httpd.service

Once the module is referenced by Apache and you restart it using the command that is appropriate to your Linux distribution, the server will start up if there are no more errors in the configuration.

However, if there are more errors, Apache and systemctl status will continue to report them and attempt to explain why the server cannot be started. systemctl will output failure messages like this on Ubuntu and Debian systems:

Ubuntu & Debian Output
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details

And on CentOS, Fedora, and RedHat derived systems, a failed startup message will be similar to the following:

CentOS and Fedora Output
Job for httpd.service failed because the control process exited with error code.
See "systemctl status httpd.service" and "journalctl -xe" for details.

When Apache will still not start because of errors, using the apachectl configtest command can be the most efficient and effective way to diagnose issues. The next section will explain how to use the utility to resolve an AH00526 error that is again related to an invalid SSLCertificateFile directive.

Troubleshooting with apachectl

To troubleshoot an AH00526 error with Apache’s apachectl utility, you can test your Apache configuration using the configtest sub-command. This tool will parse your Apache files to determine whether it’s valid and, if not, locate incorrect settings in the Apache configuration.

The apachectl configtest command is useful for catching syntax errors before reloading apache with a new configuration. This test can help you to avoid service outages in the event of a misconfigured setting in your Apache files.

The following example configuration test command will return an AH00526 Syntax error message, and explains that the likely problem is that Apache is referencing an empty SSLCertificateFile:

  1. sudo apachectl configtest
AH00526: Syntax error on line 3 of /etc/apache2/sites-enabled/000-default.conf: SSLCertificateFile: file '/etc/ssl/certs/example.com.pem' does not exist or is empty

In this example output, the /etc/ssl/certs/example.com.pem file does not exist as the error message notes. Adding an SSL/TLS certificate to the file, or removing the directive will resolve the issue.

A successful apachectl configtest invocation should result in output like this:

Syntax OK


In this tutorial you learned how to troubleshoot an Apache AH00526 syntax error. The first step when investigating any Apache error is to examine the server’s status with systemctl status apache2, or systemctl status httpd depending on your Linux distribution. From there, you can determine whether Apache is running correctly, or if it is unable to start because of the error.

After you have determined Apache’s status, you can diagnose it further using journalctl to examine the systemd logs for the process. You can also use the apachectl configtest command to check the configuration files for errors directly.

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about us

Tutorial Series: Common Apache Errors

This tutorial series explains how to troubleshoot and fix some of the most common errors that you may encounter when using the Apache web server.

Each tutorial in this series includes descriptions of common Apache configuration, network, filesystem, or permission errors. The series begins with an overview of the commands and log files that you can use to troubleshoot Apache. Subsequent tutorials examine specific errors in detail.

About the authors

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
Leave a comment

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel