Self signed cert
Keith Smith
techlists at phpcoderusa.com
Fri Jul 3 18:39:20 MST 2015
Hi,
I'm setting up a VirtualBox and am setting up a VM using CentOS 6.6.
Everything was running and I could see default welcome page in desktop
by using the IP for the URL.
Then I wanted to configure a virtual host as a dev / test site.
I tried creating the SSL Cert by using openssl.
# cd /etc/pki/tls/certs
# make mycert.pem
This confused me. I noticed there was a file /etc/pki/tls/localhost.crt
that had been created today so I deleted it.
Ten I using the command:
openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout
/etc/httpd/ssl/test-site-name.key -out /etc/httpd/ssl/test-site-name.crt
Which created the certs.
I configured the virtual host and when I restarted Apache it just fails
w/o any message.
The logs:
tail error_log
[Fri Jul 03 17:49:36 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:51:27 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:52:28 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:56:13 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:57:13 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:57:19 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 17:59:35 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 18:02:14 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 18:02:46 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jul 03 18:03:17 2015] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
tail ssl_error_log
[Fri Jul 03 18:02:14 2015] [error] Unable to configure RSA server
private key
[Fri Jul 03 18:02:14 2015] [error] SSL Library Error: 185073780
error:0B080074:x509 certificate routines:X509_check_private_key:key
values mismatch
[Fri Jul 03 18:02:46 2015] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 03 18:02:46 2015] [warn] RSA server certificate CommonName (CN)
`localhost.localdomain' does NOT match server name!?
[Fri Jul 03 18:02:46 2015] [error] Unable to configure RSA server
private key
[Fri Jul 03 18:02:46 2015] [error] SSL Library Error: 185073780
error:0B080074:x509 certificate routines:X509_check_private_key:key
values mismatch
[Fri Jul 03 18:03:17 2015] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 03 18:03:17 2015] [warn] RSA server certificate CommonName (CN)
`localhost.localdomain' does NOT match server name!?
[Fri Jul 03 18:03:17 2015] [error] Unable to configure RSA server
private key
[Fri Jul 03 18:03:17 2015] [error] SSL Library Error: 185073780
error:0B080074:x509 certificate routines:X509_check_private_key:key
values mismatch
Tried:
openssl x509 -noout -modulus -in your_domain_com.crt | openssl md5
openssl rsa -noout -modulus -in your_domain_com.key | openssl md5
and got matching numbers.
Any help is much appreciated.
--
Keith Smith
More information about the PLUG-discuss
mailing list