SSL Certificate causing warnings in error.log and not working properly. https// does not work.

April 18, 2015 29k views
Ubuntu Apache Security
b1663r
By:
b1663r

I am in the process of migrating a clients e-commerce store away from godaddy and to my servers here at digital ocean… everything is now set up, but I have been having issues getting the SSL cert to install properly. After re-keying the cert (based on a .csr built on this server) I modified the .conf file as per one of your tutorials. Please find some more information below.

Ubuntu 14.04
Apache 2.4.7

cert files located in /etc/apache2/ssl folder.

/var/www/mittenvapors.com.conf:

<VirtualHost *:80>
  ServerName mittenvapors.com
  ServerAlias www.mittenvapors.com
  Redirect permanent / https://mittenvapors.com/
</VirtualHost>
<VirtualHost *:443>
  ServerAdmin lee.allen.sc@gmail.com
  ServerName mittenvapors.com
  DocumentRoot /var/www/mittenvapors.com/public_html
  ErrorLog ${APACHE_LOG_DIR}/error.mittenvapors.dev.log
  CustomLog ${APACHE_LOG_DIR}/access.mittenvapors.dev.log combined
  SSLEngine on
  SSLCertificateFile /etc/apache2/ssl/mittenvapors.com.crt
  SSLCertificateKeyFile /etc/apache2/ssl/mittenvapors.com.key
  SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt
</VirtualHost>

I am also getting the following errors when restarting the server:

Sat Apr 18 01:46:54.577441 2015] [mpm_prefork:notice] [pid 23002] AH00169: caught SIGTERM, shutting down
[Sat Apr 18 01:46:55.650745 2015] [ssl:warn] [pid 23069] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Sat Apr 18 01:46:55.651210 2015] [ssl:warn] [pid 23069] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sat Apr 18 01:46:55.726140 2015] [ssl:warn] [pid 23070] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Sat Apr 18 01:46:55.726395 2015] [ssl:warn] [pid 23070] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sat Apr 18 01:46:55.730860 2015] [mpm_prefork:notice] [pid 23070] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.4 OpenSSL/1.0.1f configured -- resuming normal operations
[Sat Apr 18 01:46:55.735974 2015] [core:notice] [pid 23070] AH00094: Command line: '/usr/sbin/apache2'

I’m at my wits end, and for once the Google maschine has failed me. Any help would be greatly appreciated!

1 comment
Sign In to Comment
3 Answers
BrookDO June 3, 2016

This question was answered by @asb:

Could you share the command you ran to generate the CSR? What did you enter for the “Common Name?” This tutorial should be of some help:

You can see the comment here.

How To Install an SSL Certificate from a Commercial Certificate Authority
by Mitchell Anicas
This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The...
Report
Amitgood September 24, 2016
[deleted]
Report
hypertextsol September 24, 2016

I am too facing the same problem, any solution to it, I have followed the same tutorial as given above.

Please help.

Report
Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related