Self signed cert
Keith Smith
techlists at phpcoderusa.com
Fri Jul 3 20:17:48 MST 2015
It was easier to just start over - 20 min and the cert is not an issue
any longer.
On 2015-07-03 18:39, Keith Smith wrote:
> Hi,
>
>
> I'm setting up a VirtualBox and am setting up a VM using CentOS 6.6.
> Everything was running and I could see default welcome page in desktop
> by using the IP for the URL.
>
> Then I wanted to configure a virtual host as a dev / test site.
>
> I tried creating the SSL Cert by using openssl.
>
> # cd /etc/pki/tls/certs
> # make mycert.pem
>
> This confused me. I noticed there was a file
> /etc/pki/tls/localhost.crt that had been created today so I deleted
> it.
>
> Ten I using the command:
>
> openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout
> /etc/httpd/ssl/test-site-name.key -out
> /etc/httpd/ssl/test-site-name.crt
>
> Which created the certs.
>
> I configured the virtual host and when I restarted Apache it just
> fails w/o any message.
>
> The logs:
>
> tail error_log
> [Fri Jul 03 17:49:36 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:51:27 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:52:28 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:56:13 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:57:13 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:57:19 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 17:59:35 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 18:02:14 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 18:02:46 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jul 03 18:03:17 2015] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
>
>
> tail ssl_error_log
> [Fri Jul 03 18:02:14 2015] [error] Unable to configure RSA server
> private key
> [Fri Jul 03 18:02:14 2015] [error] SSL Library Error: 185073780
> error:0B080074:x509 certificate routines:X509_check_private_key:key
> values mismatch
> [Fri Jul 03 18:02:46 2015] [warn] RSA server certificate is a CA
> certificate (BasicConstraints: CA == TRUE !?)
> [Fri Jul 03 18:02:46 2015] [warn] RSA server certificate CommonName
> (CN) `localhost.localdomain' does NOT match server name!?
> [Fri Jul 03 18:02:46 2015] [error] Unable to configure RSA server
> private key
> [Fri Jul 03 18:02:46 2015] [error] SSL Library Error: 185073780
> error:0B080074:x509 certificate routines:X509_check_private_key:key
> values mismatch
> [Fri Jul 03 18:03:17 2015] [warn] RSA server certificate is a CA
> certificate (BasicConstraints: CA == TRUE !?)
> [Fri Jul 03 18:03:17 2015] [warn] RSA server certificate CommonName
> (CN) `localhost.localdomain' does NOT match server name!?
> [Fri Jul 03 18:03:17 2015] [error] Unable to configure RSA server
> private key
> [Fri Jul 03 18:03:17 2015] [error] SSL Library Error: 185073780
> error:0B080074:x509 certificate routines:X509_check_private_key:key
> values mismatch
>
>
> Tried:
>
> openssl x509 -noout -modulus -in your_domain_com.crt | openssl md5
> openssl rsa -noout -modulus -in your_domain_com.key | openssl md5
>
> and got matching numbers.
>
> Any help is much appreciated.
--
Keith Smith
More information about the PLUG-discuss
mailing list