RE: HTTPS implementation to apache2 server, localhost

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You are missing intermediate certificate i.e, CA certificate.

 

You should add it after below lines

 

            SSLCertificateFile    /etc/apache2/ssl/apache.crt
             SSLCertificateKeyFile /etc/apache2/ssl/apache.key

           

 

In ssl.conf you will find

 

Server Certificate Chain:

Certificate Authority (CA):

 

add it anywhere but not in both.

 

Best Regards

 

http://marketing.wiprodigital.com/apps/wipro-esig/assets/images/logo-01.jpg

  Saikiran M

  Middleware Administrator  | SNXT Operations – Global Service Management Centre

  Wipro Limited

   p:  214924 | Toll Free 1800 200 5656

  #146/147, Metagalli industrial area, Mysore 570 016 | Karnataka, INDIA

cid:image002.png@01D198BF.43C16BA0

DO BUSINESS BETTER

CONSULTING | SYSTEM INTEGRATION | BUSINESS PROCESS SERVICES

 

cid:image003.png@01D198BF.43C16BA0

cid:image004.png@01D198BF.43C16BA0

cid:image005.png@01D198BF.43C16BA0

cid:image006.png@01D198BF.43C16BA0

 

 

From: Keerthi Narayan [mailto:mkeerthi21@xxxxxxxxx]
Sent: Thursday, May 4, 2017 6:10 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] HTTPS implementation to apache2 server, localhost

 

** This mail has been sent from an external source **

below is the details of error log file

[Thu May 04 07:35:01.892795 2017] [ssl:warn] [pid 15336:tid 140037655033728] AH01906: 172.19.18.238:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu May 04 07:35:01.892876 2017] [mpm_event:notice] [pid 15336:tid 140037655033728] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41 OpenSSL/1.0.2g configured -- resuming normal operations
[Thu May 04 07:35:01.892881 2017] [core:notice] [pid 15336:tid 140037655033728] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 04 12:54:40.038040 2017] [mpm_event:notice] [pid 15336:tid 140037655033728] AH00491: caught SIGTERM, shutting down
[Thu May 04 12:54:40.780686 2017] [ssl:warn] [pid 18991:tid 140346453059456] AH01906: 172.19.18.238:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu May 04 12:54:40.787424 2017] [ssl:warn] [pid 18992:tid 140346453059456] AH01906: 172.19.18.238:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu May 04 12:54:40.788009 2017] [mpm_event:notice] [pid 18992:tid 140346453059456] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41 OpenSSL/1.0.2g configured -- resuming normal operations
[Thu May 04 12:54:40.788023 2017] [core:notice] [pid 18992:tid 140346453059456] AH00094: Command line: '/usr/sbin/apache2'

 

On Thu, May 4, 2017 at 2:33 PM, Daniel <dferradal@xxxxxxxxx> wrote:

At first sight there is no syntax error. Can you try to describe what error you get and paste related error.log entries?

 

2017-05-04 9:30 GMT+02:00 Keerthi Narayan <mkeerthi21@xxxxxxxxx>:

Hi All,

I am trying to implement HTTPS to my local server(apache2) and below is configuration file.   -----UBUNTU SERVER

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin user@localhost
                ServerName x.x.x.x
                ServerAlias www.x.x.x.x
                DocumentRoot /var/www/html       
                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined
                SSLEngine on
                SSLCertificateFile    /etc/apache2/ssl/apache.crt
                SSLCertificateKeyFile /etc/apache2/ssl/apache.key
  <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                <Directory /var/www/html>
                        Options Indexes FollowSymLinks MultiViews
                        AllowOverride None
                        Order allow,deny
                        allow from all
                </Directory>
                 BrowserMatch "MSIE [2-6]" \
                                nokeepalive ssl-unclean-shutdown \
                                downgrade-1.0 force-response-1.0
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
        </VirtualHost>
</IfModule>

Please advice me what else i have to configure apart from above configuration or correction.  So that it will get secured.

Thanks & Regards,

Keerthi Narayan

 



 

--

Daniel Ferradal

IT Specialist

 

email         dferradal at gmail.com

 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux