The certificates on a couple of our servers expired the other day, so I
ran pkidiag and renewed them. Now apache loads, but when I try to access
the webserver, I get Service unavailable! 503 errors (accessing the
default welcome page, iManager or Remote manager). I checked the expiry
date of the certificates - those servers have 4 cerfificates each:
SSL CertificateDNS <servername>
SSL CertificateIP <servername>
DNS AG <ipadress> - <servername>
IP AG <FQDN> - <servername>

The root certificate expiry date is 2014, as is the the expiry date for
the Public Key Certificate for the SLL Certificate* certs, but the the DNS
AG & IP AG Public Key Certificates have expiry dates of 30 Sept 2007. I
noticed that our other OES server certs have similar expiry dates (ie all
well in the future except for the DNS AG and IP AG certs). It looks to me
as if those are old certs that are no longer used and so pkidiag doesn't
fix them or even see them as being a problem.
That doesn't explain why apache works fine on one server, but is giving
the Service Unavailable errors on the other 2 servers.

I've run pkidiag again and replaced the certificates and re-load apache2
and admsrv, but still no joy!

I also ran tckeygen.ncf and bounced apache.

Now I've run out of ideas and I'm hoping someone can help!