Re: SSL certificate update failed - httpd-2.4.6-90.el7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi @lbutlr,

Below is the site.conf file settings . We just updated the certificate contents and touched nothing else. Right now the site is reverted to its original certificate. But as soon as we update the certificate contents it doesn't work and throw the error that I mentioned. 

<VirtualHost *:80>
  ServerName amnetgroup.com


  RedirectMatch 301 (.*) https://www.amnetgroup.com$1
</VirtualHost>

<VirtualHost *:80>
  ServerName amnet.ie
  ServerAlias www.amnet.ie
  ServerAlias amnetgroup.ie www.amnetgroup.ie
  RedirectMatch 301 (.*) https://www.amnetgroup.com/en/ie/
</VirtualHost>

<VirtualHost *:80>
  ServerName www.amnetgroup.com


  DocumentRoot "/sites/amnetgroup.com/public_html"

  Redirect permanent / https://www.amnetgroup.com/

  CustomLog /sites/logs/apache/amnetgroup.com-access.log combined
  ErrorLog /sites/logs/apache/amnetgroup.com-error.log

<IfModule worker.c>
  StartServers         4
  MaxClients         300
  MinSpareThreads     25
  MaxSpareThreads     75
  ThreadsPerChild     25
  MaxRequestsPerChild  0
</IfModule>

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9054/sites/amnetgroup.com/public_html/$1
DirectoryIndex index.php

DirectoryIndex index.php
php_value memory_limit 1024M

        <Directory "/sites/amnetgroup.com/public_html/">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
        </Directory>
  RewriteEngine On
  RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
  RewriteRule .* - [F]
</VirtualHost>

<VirtualHost *:443>
  ServerName amnetgroup.com
  SSLEngine on
  SSLCertificateFile /ssl/amnetgroup.com/cert/amnetgroup.com.crt
  SSLCertificateKeyFile /ssl/amnetgroup.com/src/amnetgroup.com.key
  SSLCertificateChainFile /ssl/amnetgroup.com/cert/amnetgroup.com-bundle

  SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1
  SSLCipherSuite      ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
  SSLHonorCipherOrder on
  SSLCompression      off
  SSLSessionTickets   off

  Redirect permanent / https://www.amnetgroup.com/

  RewriteEngine On
  RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|HEAD)
  RewriteRule .* - [F]
</VirtualHost>

<VirtualHost *:443>
  ServerName www.amnetgroup.com
  SSLEngine on
  SSLCertificateFile /ssl/amnetgroup.com/cert/amnetgroup.com.crt
  SSLCertificateKeyFile /ssl/amnetgroup.com/src/amnetgroup.com.key
  SSLCertificateChainFile /ssl/amnetgroup.com/cert/amnetgroup.com-bundle

  SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1
  SSLCipherSuite      ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
  SSLHonorCipherOrder on
  SSLCompression      off
  SSLSessionTickets   off

  DocumentRoot "/sites/amnetgroup.com/public_html"

  CustomLog /sites/logs/apache/amnetgroup.com-access.log combined
  ErrorLog /sites/logs/apache/amnetgroup.com-error.log

<IfModule worker.c>
  StartServers         4
  MaxClients         300
  MinSpareThreads     25
  MaxSpareThreads     75
  ThreadsPerChild     25
  MaxRequestsPerChild  0
</IfModule>

ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9054/sites/amnetgroup.com/public_html/$1
DirectoryIndex index.php
php_value memory_limit 1024M

        <Directory "/sites/amnetgroup.com/public_html/">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
        </Directory>
  RewriteEngine On
  RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|HEAD)
  RewriteRule .* - [F]
</VirtualHost>

Regards
Sachin Kumar

On Sun, Jan 5, 2020 at 11:45 PM @lbutlr <kremels@xxxxxxxxx> wrote:
On 04 Jan 2020, at 10:02, Sac Isilia <udaypratap.singh65@xxxxxxxxx> wrote:
> ah01909: rsa certificate configured for xxxxxxxxxxx:443 does not include an id which matches the server name 
>
>   Please help me in resolving this issue.

That seems clear to me.

What is the server name and what are the servers listed in the certificate? Is there a match?

Are you sure?

Are you looking at the right certificate? Is the server looking at the right certificate? Has apache been restarted?



--
NOTHING IS FINAL. NOTHING IS ABSOLUTE. EXCEPT ME, OF COURSE. SUCH
        TINKERING WITH DESTINY COULD MEAN THE DOWNFALL OF THE WORLD.
        THERE MUST BE A CHANCE, HOWEVER SMALL. THE LAWYERS OF FATE DEMAND
        A LOOPHOLE IN EVERY PROPHECY. —Sourcery


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux