Problem with SSL

September 8, 2016 1.3k views
Apache CentOS

I folllow this link to install SSL on my droplet (Centos 6.x):

And this... just for more references:

When I type the URL of my site don´t open... shows me a message whit warnings and the chrome browser says: This page is insecure (broken HTTPS). The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1.

Somebody can help me to solve this problem?... somebody has the same problem?

4 Answers

It's 2016. SHA-1 is terrible. You need to pass -sha256 to the openssl req command to instead use SHA-256, which is still considered secure.

However, it would be even better to use a not-self-signed certificate. Let's Encrypt provides free certificates and has easy-to-use (more or less) clients to install and maintain them.

Thanks for your answer, I execute this code:

openssl req -sha256 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/apache.key -out /etc/httpd/ssl/apache.crt

Now, the problem is wich my Apache server doesn´t run and the log´s file says:

SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

Do you have any idea?

This is the solution to use HTTPS:

Using Let´s Encrypt my problems has been resolved easely... this link show how install the certiticate in some steps:


Let's Encrypt gives you a free cert, does all the installing and managing for you. I would highly recommend using it.

Have another answer? Share your knowledge.