Question

SSL certificates aren't working?

  • Posted on September 22, 2014
  • MeanAsked by Mean

So here are the certificates: http://i.imgur.com/Ggd0TCI.png

Here’s ssl-default.conf:

		SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
		SSLCertificateKeyFile /etc/ssl/private/iRedMail.key
		SSLCertificateFile /etc/ssl/droforce.net.crt
		SSLCertificateKeyFile /etc/ssl/droforce.net.key
		SSLCertificateFile /etc/ssl/AddTrustExternalCARoot.crt
		SSLCertificateFile /etc/ssl/COMODORSAAddTrustCA.crt
		SSLCertificateFile/etc/ssl/COMODORSADomainValidationSecureServerCA.crt

Here’s my error: http://i.imgur.com/PsjSwED.png

Not sure why this is happening.

Show comments
Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Kamal NasserSeptember 22, 2014

You don’t need iRedMail’s old self-signed certificate, so delete these two lines:

SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
SSLCertificateKeyFile /etc/ssl/private/iRedMail.key

Now, you need to combine the three COMODO files into one file and set it as the SSLCACertificateFile:

cat /etc/ssl/COMODORSADomainValidationSecureServerCA.crt /etc/ssl/COMODORSAAddTrustCA.crt /etc/ssl/AddTrustExternalCARoot.crt  | sudo tee /etc/ssl/COMODO_chain.crt

Your virtualhost config should look like this:

SSLCertificateFile /etc/ssl/droforce.net.crt
SSLCertificateKeyFile /etc/ssl/droforce.net.key
SSLCACertificateFile /etc/ssl/COMODO_chain.crt

Restart Apache and you should be good to go:

sudo service apache2 restart