PDA

View Full Version : Secure Certificate Error


m u r
9th August 2005, 13:42
When I try to go to https://archsupply.com, I get the following error:

could not establish an encrypted connection because certificate presented by www.archsupply.com is invalid or corrupted.
Error Code: -8182

Any ideas on how to fix my certificate?

till
9th August 2005, 14:03
When I try to go to https://archsupply.com, I get the following error:

could not establish an encrypted connection because certificate presented by www.archsupply.com is invalid or corrupted.
Error Code: -8182

Any ideas on how to fix my certificate?

have you generated the certificate manually or in ISPConfig?

m u r
9th August 2005, 14:49
I followed this tutorial for Debian Sarge:

http://www.howtoforge.com/perfect_setup_debian_sarge

It's all a blur in my mind, but I think I did it manually.Then I followed the online ISPConfig install documentation.

I get a different error, depending on the browser. I doubt this helps, but in ie, it says:

Unable to establish a secure connection to 'archsupply.com'. There is a problem with the security certificate from that site (The identity certificate name is not correct.)

In Safari, I looked at the certificate, and there is all sorts of information, including the country, state, etc. that I set up. At the top it says:

This certificate is not valid (host name mismatch)

till
9th August 2005, 16:18
I followed this tutorial for Debian Sarge:

http://www.howtoforge.com/perfect_setup_debian_sarge

It's all a blur in my mind, but I think I did it manually.Then I followed the online ISPConfig install documentation.

I get a different error, depending on the browser. I doubt this helps, but in ie, it says:

Unable to establish a secure connection to 'archsupply.com'. There is a problem with the security certificate from that site (The identity certificate name is not correct.)

In Safari, I looked at the certificate, and there is all sorts of information, including the country, state, etc. that I set up. At the top it says:

This certificate is not valid (host name mismatch)

SSL Certificates are normally only valid for one domain (e.g. www.yourdomain.com). The error "host name mismatch" means that you have installed a ssl certificate with the wrong domain name. Make a new SSL Certificate and when ask for the domain, enter 'archsupply.com'.

m u r
9th August 2005, 16:30
I created a certificate in ISPConfig (site>SSL), but I still get the error. When I go to https://archsupply.com (port 80), it says, "This certificate is not in the trusted root database," and the organization is Global Technology Associates, Inc., not the information I entered in ISPConfig>site>SSL. When I go to https://archsupply.com:81, it says, "The certificate is not valid (host name mismatch)" and the organization is the stuff (that didn't matter according to the tutorial) during the install -- again, not the information I entered in ISPConfig>site>SSL. Can someone please please help me?

till
9th August 2005, 16:43
I created a certificate in ISPConfig (site>SSL), but I still get the error. The certificate now says, "This certificate is not in the trusted root database," and the organization is Global Technology Associates, Inc., not the information I entered in ISPConfig>site>SSL

In ISPConfig, the form of the site www.archsupply.com:

Host: www
Domain: archsupply.com

And the certificate you got is not for: "www.archsupply.com" ?
The vhost for www.archsupply.com is created by ISPConfig and you have not changed anything manually in yor httpd.conf or vhost configuration?

m u r
9th August 2005, 16:46
I haven't touched any of the files. If you want to log in, the password is still "admin"

till
9th August 2005, 16:49
I created a certificate in ISPConfig (site>SSL), but I still get the error. When I go to https://archsupply.com (port 80), it says, "This certificate is not in the trusted root database," and the organization is Global Technology Associates, Inc., not the information I entered in ISPConfig>site>SSL.

Shure, this is a self signed certificate. If you need an official SSL-Cert take the SSL certificate request generated by ISPConfig and buy an SSL an officially signed Certificate from an SSL autority.

When I go to https://archsupply.com:81, it says, "The certificate is not valid (host name mismatch)" and the organization is the stuff (that didn't matter according to the tutorial) during the install -- again, not the information I entered in ISPConfig>site>SSL. Can someone please please help me?

The adminpanel on port 81 has nothing to do with the SSL Certificates for the sites. The SSL-Cert for the adminpanel is generated for the domain you entered in the installer.

till
9th August 2005, 16:50
I haven't touched any of the files. If you want to log in, the password is still "admin"

Sorry, I first misunderstood your post.

m u r
9th August 2005, 16:52
I just meant that I haven't manually configured any of the files since I installed everything. I only created the SSL in ISPConfig.

So, is there a way to change the SSL-Cert for the adminpanel on port 81 to "archsupply.com" without re-installing?

or

Do you know what I did wrong in the install? It asked me about the country, province, etc., but I don't think it ever asked for the domain. The tutorial indicated that the information I entered here wasn't important.

m u r
9th August 2005, 16:56
I just meant that I haven't manually configured any of the files since I installed everything. I only set up the SSL in ISPConfig.

till
9th August 2005, 16:58
I see. So, is there a way to change it to "archsupply.com" without re-installing? I don't need a certificate for port 80. I just need a secure connection for port 81, so I can manage it securely.


To make a new Cert for the controlpanel apache on port 81:

http://www.howtoforge.com/forums/showthread.php?t=121

m u r
9th August 2005, 18:15
Well, firefox at least gives me the option now. It still says, "This certificate is not in the trusted root database." Is that normal?

till
9th August 2005, 18:26
Well, firefox at least gives me the option now. It still says, "This certificate is not in the trusted root database." Is that normal?

Yes, because it is an self signed certificate. If you dont want to have this messgae you must buy an SSL Certificate from an SSL Authority.