Mean
By:
Mean

SSL certificates aren't working?

September 22, 2014 1.8k views

So here are the certificates:
http://i.imgur.com/Ggd0TCI.png

Here's ssl-default.conf:

        SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
        SSLCertificateKeyFile /etc/ssl/private/iRedMail.key
        SSLCertificateFile /etc/ssl/droforce.net.crt
        SSLCertificateKeyFile /etc/ssl/droforce.net.key
        SSLCertificateFile /etc/ssl/AddTrustExternalCARoot.crt
        SSLCertificateFile /etc/ssl/COMODORSAAddTrustCA.crt
        SSLCertificateFile/etc/ssl/COMODORSADomainValidationSecureServerCA.crt

Here's my error:
http://i.imgur.com/PsjSwED.png

Not sure why this is happening.

6 comments
1 Answer

You don't need iRedMail's old self-signed certificate, so delete these two lines:

SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
SSLCertificateKeyFile /etc/ssl/private/iRedMail.key

Now, you need to combine the three COMODO files into one file and set it as the SSLCACertificateFile:

cat /etc/ssl/COMODORSADomainValidationSecureServerCA.crt /etc/ssl/COMODORSAAddTrustCA.crt /etc/ssl/AddTrustExternalCARoot.crt  | sudo tee /etc/ssl/COMODO_chain.crt

Your virtualhost config should look like this:

SSLCertificateFile /etc/ssl/droforce.net.crt
SSLCertificateKeyFile /etc/ssl/droforce.net.key
SSLCACertificateFile /etc/ssl/COMODO_chain.crt

Restart Apache and you should be good to go:

sudo service apache2 restart
Have another answer? Share your knowledge.