If you are looking to build VMs that are consistent, you should really be using Vagrant to build your VMs. Kevin On Jul 4, 2015 4:41 PM, "Keith Smith" wrote: > > Thanks!!! I'll try this. I'm hoping for once cert for all sites. > > > > On 2015-07-04 15:34, JD Austin wrote: > >> Usually it's something like this: >> >> # Generate private key >> openssl genrsa -out ca.key 2048 >> >> # Generate CSR >> openssl req -new -key ca.key -out ca.csr >> >> # Generate Self Signed Key >> openssl x509 -req -days 999 -in ca.csr -signkey ca.key -out ca.crt >> >> # Copy the files to the correct locations >> cp ca.crt /etc/pki/tls/certs/localhost.crt >> cp ca.key /etc/pki/tls/private/localhost.key >> cp ca.csr /etc/pki/tls/private/ca.csr >> >> -- JD Austin >> Voice: 480.269.4335 (480 2MY Geek) >> jd@twingeckos.com >> >> On Fri, Jul 3, 2015 at 8:17 PM, Keith Smith >> wrote: >> >> It was easier to just start over - 20 min and the cert is not an >>> issue any longer. >>> >>> On 2015-07-03 18:39, Keith Smith wrote: >>> >>> Hi, >>>> >>>> I'm setting up a VirtualBox and am setting up a VM using CentOS >>>> 6.6. >>>> Everything was running and I could see default welcome page in >>>> desktop >>>> by using the IP for the URL. >>>> >>>> Then I wanted to configure a virtual host as a dev / test site. >>>> >>>> I tried creating the SSL Cert by using openssl. >>>> >>>> # cd /etc/pki/tls/certs >>>> # make mycert.pem >>>> >>>> This confused me. I noticed there was a file >>>> /etc/pki/tls/localhost.crt that had been created today so I >>>> deleted >>>> it. >>>> >>>> Ten I using the command: >>>> >>>> openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout >>>> /etc/httpd/ssl/test-site-name.key -out >>>> /etc/httpd/ssl/test-site-name.crt >>>> >>>> Which created the certs. >>>> >>>> I configured the virtual host and when I restarted Apache it just >>>> fails w/o any message. >>>> >>>> The logs: >>>> >>>> tail error_log >>>> [Fri Jul 03 17:49:36 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:51:27 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:52:28 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:56:13 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:57:13 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:57:19 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 17:59:35 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 18:02:14 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 18:02:46 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> [Fri Jul 03 18:03:17 2015] [notice] suEXEC mechanism enabled >>>> (wrapper: >>>> /usr/sbin/suexec) >>>> >>>> tail ssl_error_log >>>> [Fri Jul 03 18:02:14 2015] [error] Unable to configure RSA server >>>> private key >>>> [Fri Jul 03 18:02:14 2015] [error] SSL Library Error: 185073780 >>>> error:0B080074:x509 certificate >>>> routines:X509_check_private_key:key >>>> values mismatch >>>> [Fri Jul 03 18:02:46 2015] [warn] RSA server certificate is a CA >>>> certificate (BasicConstraints: CA == TRUE !?) >>>> [Fri Jul 03 18:02:46 2015] [warn] RSA server certificate >>>> CommonName >>>> (CN) `localhost.localdomain' does NOT match server name!? >>>> [Fri Jul 03 18:02:46 2015] [error] Unable to configure RSA server >>>> private key >>>> [Fri Jul 03 18:02:46 2015] [error] SSL Library Error: 185073780 >>>> error:0B080074:x509 certificate >>>> routines:X509_check_private_key:key >>>> values mismatch >>>> [Fri Jul 03 18:03:17 2015] [warn] RSA server certificate is a CA >>>> certificate (BasicConstraints: CA == TRUE !?) >>>> [Fri Jul 03 18:03:17 2015] [warn] RSA server certificate >>>> CommonName >>>> (CN) `localhost.localdomain' does NOT match server name!? >>>> [Fri Jul 03 18:03:17 2015] [error] Unable to configure RSA server >>>> private key >>>> [Fri Jul 03 18:03:17 2015] [error] SSL Library Error: 185073780 >>>> error:0B080074:x509 certificate >>>> routines:X509_check_private_key:key >>>> values mismatch >>>> >>>> Tried: >>>> >>>> openssl x509 -noout -modulus -in your_domain_com.crt | openssl >>>> md5 >>>> openssl rsa -noout -modulus -in your_domain_com.key | openssl md5 >>>> >>>> and got matching numbers. >>>> >>>> Any help is much appreciated. >>>> >>> >>> -- >>> Keith Smith >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1] >>> >> >> >> >> Links: >> ------ >> [1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > -- > Keith Smith > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss