HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   ssl Certificate Invalid (http://www.howtoforge.com/forums/showthread.php?t=6055)

simplyworks 7th August 2006 18:45

ssl Certificate Invalid
 
Hello,

I created the ssl certificate using ISPconfig and this is the only domain using this IP. When I access https://www.example.com I get the security warning stating the name on the certificate does not match the domain.

when veiwing the certificate, it does state issue by: localhost.localdomain which explain the warning.

In veiwing the Vhost file all looks correct.
SSLEngine on
SSLCertificateFile /home/www/web1/ssl/www.example.com.crt
SSLCertificateKeyFile /home/www/web1/ssl/www.example.com.key

From what I can tell, I'm am pulling up this certificate
/etc/pki/tls/private (date matchs build date)

Background info:
Fedora Core 5 built using the How to
Ispconfig
I have restarted the httpd after changes


What should I try next?

Thanks,

till 8th August 2006 10:34

If you accept the certificae, which page do you see? The same content as for http://example.com (without https) or the shared IP page?

simplyworks 8th August 2006 17:03

When I accept the certificate I do get the correct page for https://example.com.

When I view the certificate it is issued by localhost.localdomain. It should be www.example.com correct?

falko 9th August 2006 16:45

What's the hostname and domain name of that web site (it's on the "Basis" tab)?

simplyworks 11th August 2006 23:36

the setting are

Hostname: www
Domain: example.com

thanks,

falko 12th August 2006 19:49

Then the FQDN in the cert should be www.example.com. Are you sure you're using the right certificate? On the correct site?

simplyworks 15th August 2006 21:32

Yes, That is the problem.

When I visit https://www.example.com I am presented with a ssl certificate for the server and NOT the certificate list in the Vhost file path which was created by ISPconfig interface.

I have done a restart of httpd and Ispconfig

I guess, for a work a round I could move the ssl cert. from:
SSLCertificateFile /home/www/web1/ssl/www.example.com.crt
SSLCertificateKeyFile /home/www/web1/ssl/www.example.com.key

TO:
/etc/pki/tls/private (this the key that is presented)

Thanks,

simplyworks 15th August 2006 21:46

Quote:

Originally Posted by simplyworks
Yes, That is the problem.

When I visit https://www.example.com I am presented with a ssl certificate for the server and NOT the certificate list in the Vhost file path which was created by ISPconfig interface.

I have done a restart of httpd and Ispconfig

I guess, for a work a round I could move the ssl cert. from:
SSLCertificateFile /home/www/web1/ssl/www.example.com.crt
SSLCertificateKeyFile /home/www/web1/ssl/www.example.com.key

TO:
/etc/pki/tls/private (this the key that is presented)

Well, the above worked. I move the .crt and .key . Then renamed them and restarted.

I still do not know why apache is not following the vhost directive for this domain?:confused:

falko 16th August 2006 17:44

What's in Vhosts_ispconfig.conf?


All times are GMT +2. The time now is 02:03.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.