ssl Certificate Invalid

Discussion in 'Installation/Configuration' started by simplyworks, Aug 7, 2006.

  1. simplyworks

    simplyworks New Member


    I created the ssl certificate using ISPconfig and this is the only domain using this IP. When I access I get the security warning stating the name on the certificate does not match the domain.

    when veiwing the certificate, it does state issue by: localhost.localdomain which explain the warning.

    In veiwing the Vhost file all looks correct.
    SSLEngine on
    SSLCertificateFile /home/www/web1/ssl/
    SSLCertificateKeyFile /home/www/web1/ssl/

    From what I can tell, I'm am pulling up this certificate
    /etc/pki/tls/private (date matchs build date)

    Background info:
    Fedora Core 5 built using the How to
    I have restarted the httpd after changes

    What should I try next?

    Last edited: Aug 7, 2006
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you accept the certificae, which page do you see? The same content as for (without https) or the shared IP page?
  3. simplyworks

    simplyworks New Member

    When I accept the certificate I do get the correct page for

    When I view the certificate it is issued by localhost.localdomain. It should be correct?
  4. falko

    falko Super Moderator ISPConfig Developer

    What's the hostname and domain name of that web site (it's on the "Basis" tab)?
  5. simplyworks

    simplyworks New Member

    the setting are

    Hostname: www

  6. falko

    falko Super Moderator ISPConfig Developer

    Then the FQDN in the cert should be Are you sure you're using the right certificate? On the correct site?
  7. simplyworks

    simplyworks New Member

    Yes, That is the problem.

    When I visit I am presented with a ssl certificate for the server and NOT the certificate list in the Vhost file path which was created by ISPconfig interface.

    I have done a restart of httpd and Ispconfig

    I guess, for a work a round I could move the ssl cert. from:
    SSLCertificateFile /home/www/web1/ssl/
    SSLCertificateKeyFile /home/www/web1/ssl/

    /etc/pki/tls/private (this the key that is presented)

  8. simplyworks

    simplyworks New Member

    Well, the above worked. I move the .crt and .key . Then renamed them and restarted.

    I still do not know why apache is not following the vhost directive for this domain?:confused:
  9. falko

    falko Super Moderator ISPConfig Developer

    What's in Vhosts_ispconfig.conf?

Share This Page