Self signed cert

Fri Jul 3 18:39:20 MST 2015

Hi,

I'm setting up a VirtualBox and am setting up a VM using CentOS 6.6.   
Everything was running and I could see default welcome page in desktop 
by using the IP for the URL.

Then I wanted to configure a virtual host as a dev / test site.

I tried creating the SSL Cert by using openssl.

# cd /etc/pki/tls/certs
# make mycert.pem

This confused me.  I noticed there was a file /etc/pki/tls/localhost.crt 
that had been created today so I deleted it.

Ten I using the command:

openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout 
/etc/httpd/ssl/test-site-name.key -out /etc/httpd/ssl/test-site-name.crt

Which created the certs.

I configured the virtual host and when I restarted Apache it just fails 
w/o any message.

The logs:

tail error_log
[Fri Jul 03 17:49:36 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:51:27 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:52:28 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:56:13 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:57:13 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:57:19 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 17:59:35 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 18:02:14 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 18:02:46 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)
[Fri Jul 03 18:03:17 2015] [notice] suEXEC mechanism enabled (wrapper: 
/usr/sbin/suexec)

tail ssl_error_log
[Fri Jul 03 18:02:14 2015] [error] Unable to configure RSA server 
private key
[Fri Jul 03 18:02:14 2015] [error] SSL Library Error: 185073780 
error:0B080074:x509 certificate routines:X509_check_private_key:key 
values mismatch
[Fri Jul 03 18:02:46 2015] [warn] RSA server certificate is a CA 
certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 03 18:02:46 2015] [warn] RSA server certificate CommonName (CN) 
`localhost.localdomain' does NOT match server name!?
[Fri Jul 03 18:02:46 2015] [error] Unable to configure RSA server 
private key
[Fri Jul 03 18:02:46 2015] [error] SSL Library Error: 185073780 
error:0B080074:x509 certificate routines:X509_check_private_key:key 
values mismatch
[Fri Jul 03 18:03:17 2015] [warn] RSA server certificate is a CA 
certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 03 18:03:17 2015] [warn] RSA server certificate CommonName (CN) 
`localhost.localdomain' does NOT match server name!?
[Fri Jul 03 18:03:17 2015] [error] Unable to configure RSA server 
private key
[Fri Jul 03 18:03:17 2015] [error] SSL Library Error: 185073780 
error:0B080074:x509 certificate routines:X509_check_private_key:key 
values mismatch

Tried:

openssl x509 -noout -modulus -in your_domain_com.crt | openssl md5
openssl rsa -noout -modulus -in your_domain_com.key | openssl md5

and got matching numbers.

Any help is much appreciated.

-- 
Keith Smith