Related

Hacking attempt fixed with Fail2Ban, but high memory usage remains Question Question
How to install an ssl certificate from Rapid ssl authority in Ubuntu 14 for magento? Question Question

Question

SSL Certificate causing warnings in error.log and not working properly. https// does not work.

Posted April 18, 2015 30.2k views
UbuntuApacheSecurity

I am in the process of migrating a clients e-commerce store away from godaddy and to my servers here at digital ocean… everything is now set up, but I have been having issues getting the SSL cert to install properly. After re-keying the cert (based on a .csr built on this server) I modified the .conf file as per one of your tutorials. Please find some more information below.

Ubuntu 14.04
Apache 2.4.7

cert files located in /etc/apache2/ssl folder.

/var/www/mittenvapors.com.conf:

<VirtualHost *:80>
  ServerName mittenvapors.com
  ServerAlias www.mittenvapors.com
  Redirect permanent / https://mittenvapors.com/
</VirtualHost>
<VirtualHost *:443>
  ServerAdmin lee.allen.sc@gmail.com
  ServerName mittenvapors.com
  DocumentRoot /var/www/mittenvapors.com/public_html
  ErrorLog ${APACHE_LOG_DIR}/error.mittenvapors.dev.log
  CustomLog ${APACHE_LOG_DIR}/access.mittenvapors.dev.log combined
  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/mittenvapors.com.crt
  SSLCertificateKeyFile /etc/apache2/ssl/mittenvapors.com.key
  SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt
</VirtualHost>

I am also getting the following errors when restarting the server:

Sat Apr 18 01:46:54.577441 2015] [mpm_prefork:notice] [pid 23002] AH00169: caught SIGTERM, shutting down
[Sat Apr 18 01:46:55.650745 2015] [ssl:warn] [pid 23069] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Sat Apr 18 01:46:55.651210 2015] [ssl:warn] [pid 23069] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sat Apr 18 01:46:55.726140 2015] [ssl:warn] [pid 23070] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Sat Apr 18 01:46:55.726395 2015] [ssl:warn] [pid 23070] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sat Apr 18 01:46:55.730860 2015] [mpm_prefork:notice] [pid 23070] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.4 OpenSSL/1.0.1f configured -- resuming normal operations
[Sat Apr 18 01:46:55.735974 2015] [core:notice] [pid 23070] AH00094: Command line: '/usr/sbin/apache2'

I’m at my wits end, and for once the Google maschine has failed me. Any help would be greatly appreciated!

Add a comment
b1663r
By:
b1663r
Add a comment
1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
BrookDO June 3, 2016

This question was answered by @asb:

Could you share the command you ran to generate the CSR? What did you enter for the “Common Name?” This tutorial should be of some help:

You can see the comment here.

How To Install an SSL Certificate from a Commercial Certificate Authority
by Mitchell Anicas
This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The...
Reply Report
Amitgood September 24, 2016
[deleted]
Reply Report
hypertextsol September 24, 2016

I am too facing the same problem, any solution to it, I have followed the same tutorial as given above.

Please help.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help