LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Third Party SSl certificate on debian (https://www.linuxquestions.org/questions/linux-newbie-8/third-party-ssl-certificate-on-debian-4175625683/)

Shr0912 03-16-2018 06:56 AM
Third Party SSl certificate on debian
 
Hi,

I am trying to install a third party ssl certificate on Debian 4.9.30-2+deb9u5 for subdomain a.mysite.com . Certificate has been issued by digicert.

Tried and made following changes:

In /etc/apache2/sites-available/default-ssl.conf, put location of cer and keys in
SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile

It didnt worked out. I then put the module in /etc/apache2/apache.conf
<VirtualHost *:443>
DocumentRoot <location>
ServerName <Server name>
ServerAlias <Alias>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/serverCA.crt
</VirtualHost>

Everytime i make change to configuration file, apachectl configtest gives no error, but when i restart apache services, it throws error:

Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.


I had checked for 443 port, it is in listening state
Enabled modules too

Can i get help here?
Also, if there a way to know for which domain a cerificate has been issued.
And if a certificate can be used for multiple domains.

sundialsvcs 03-16-2018 08:29 AM
Well, issue one of those commands to learn more! :p Also look at /var/log/apache2/error.log

The configuration can be syntactically correct –*which is all that configtest looks for – but incorrect with regards to its content.

You should also be aware that some SSL problems will cause the sudo service apache2 start command to succeed, but Apache will thereafter immediately stop. :eek:

Probably the most common problem is some kind of mismatch between the domain-name of the <VirtualHost> and the information that is actually contained in the certificate.

Mattias Gerniar wrote a very nice write-up on the subject of how to retrieve and interpret certificate information in this post on his blog.

Shr0912 03-16-2018 09:55 AM
Quote:
Originally Posted by sundialsvcs (Post 5831666)
Well, issue one of those commands to learn more! :p Also look at /var/log/apache2/error.log

The configuration can be syntactically correct –*which is all that configtest looks for – but incorrect with regards to its content.

You should also be aware that some SSL problems will cause the sudo service apache2 start command to succeed, but Apache will thereafter immediately stop. :eek:

Probably the most common problem is some kind of mismatch between the domain-name of the <VirtualHost> and the information that is actually contained in the certificate.

Mattias Gerniar wrote a very nice write-up on the subject of how to retrieve and interpret certificate information in this post on his blog.
Yes, these could be issues, but in my case, there was domain error :)
I fixed by getting certificate for correct domain.

However, i am facing another error after ssl installation.
The site is getting loaded with ssl, but in a very distorted manner.

All css files are missing. I am using magento and have enabled secure urls there.
Can you help?

Shr0912 03-26-2018 03:15 AM
Quote:
Originally Posted by Shr0912 (Post 5831698)
Yes, these could be issues, but in my case, there was domain error :)
I fixed by getting certificate for correct domain.

However, i am facing another error after ssl installation.
The site is getting loaded with ssl, but in a very distorted manner.

All css files are missing. I am using magento and have enabled secure urls there.
Can you help?

Issue got resolver after uploading missing css and js files from backup code. It runs well now.


All times are GMT -5. The time now is 02:24 PM.