apache2 + mod-ssl keeps loading the default localhost.xxxxxx cert
Hi
I need to secure my site with a ssl connection. What I did: run: openssl genrsa -des3 -out Server'sIP.key 1024 run: openssl req -new -key Server'sIP.key -x509 -out Server'sIP.crt run: openssl req -new -key Server'sIP.key -out Server'sIP.csr moved *.key file from /etc/httpd/conf to /etc/httpd/conf/ssl.key/ moved *.crt file from /etc/httpd/conf to /etc/httpd/conf/ssl.crt/ added : <IfDefine HAVE_SSL> <VirtualHost Server'sIP:443> SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/Server'sIP.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/Server'sIP.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown </VirtualHost> </IfDefine> restarted apache. When accessing the site from other host it keeps loading some default localhost.oxsomething cert. The distro is Mandrake 10.1 , Apache 2.0.50 What am I missing ? Thanks for any advice :) |
You must first create the CSR and then use it to create the key. You must setup a CA if you don't have done it already. Read this for details.
|
Hi and thanks for replying
Currently the certs I prepare are damaged as the browser says... Tried to use the tutorial Ypu provided however am getting an error at this step Code:
openssl ca -policy policy_anything -out new.crt -infiles new.csr however tried instructions at this site which were: Create CA : openssl genrsa -des3 -out ca.key 4096 openssl req -new -x509 -days 365 -key ca.key -out ca.crt Create cert : openssl genrsa -des3 -out server.key 4096 openssl req -new -key server.key -out server.csr Signed cert with CA openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt What can be wrong now ? Does the answers I provide to questions about OU and other names are dependant on my IP ? Thanks |
Quote:
What you mean that you browser says about damaged certificates? Does the browser prompts you to accept the cert? Take a look at the apache error_log and ssl_engine logs to see if you find out something useful? |
All times are GMT -5. The time now is 08:15 PM. |