Greetings,
I'm having a terrible time setting up Apache 2.2 to use my RapidSSL wildcard certificate. I'm moving our website from a working Apache installation on Windows, to a CentOS 6.3 VM. Everything is working fine on the Windows box, but when I setup Apache and started moving the site over, SSL wasn't validating properly.
I've specified the relevant server.crt/server.key and downloaded RapidSSL's CA bundle and specified that (I've tried SSLCACertificateFile and SSLCertificateChainFile.)
No matter what I do, my browser (Chrome, Firefox and IE) only receive the server.crt, claiming it's a self signed certificate. When I ran the OpenSSL verify command, it returned saying it was a self signed certificate as well. If I verified the CA bundle, it verified ok, though.
Does anyone have any advice on where I need to look to find out what's going on here?
Relevant virtual hosts declaration:
Code:
# Site specific SSL stuff
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/conf/server.crt
SSLCertificateKeyFile /etc/httpd/conf/server.key
SSLCertificateChainFile /etc/httpd/conf/rapidssl.crt
#SSLCACertificateFile /etc/httpd/conf/rapidssl.crt
CustomLog logs/ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
For the CA chain file, I've tried just using what RapidSSL provides (It includes the root GeoTrust cert and RapidSSL's cert), I've tried just using RapidSSL's cert.
Any pointers would be greatly appreciated!