Hi there,
I see the following error messages in the ssl_error_log file when I
restart Apache:
RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?
RSA server certificate CommonName (CN) 'localhost.localdomain' does
NOT match server name!?
I appreciate any pointers to solve this issue. Thank you!
Regards,
Shashi
More details:
Environment: Apache 2.2.3-45, Tomcat 6, CentOS 5.5 64-bit
/* httpd.conf */
Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-default.conf
Include conf/extra/httpd-ssl.conf
/* httpd-vhosts.conf */
<VirtualHost *:80>
ServerAdmin joe@xxxxxxx
ServerName www.xyz.com
ServerAlias xyz.com
ErrorLog "logs/ajp.error.log"
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
</VirtualHost>
/* httpd-ssl.conf */
NameVirtualHost *:443
<VirtualHost *:443>
ServerName www.xyz.com
ServerAdmin joe@xxxxxxx
ErrorLog "/etc/httpd/logs/error_log"
TransferLog "/etc/httpd/logs/ssl_access_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/usr/local/xyzssl/xyz.com.crt"
SSLCertificateKeyFile "/usr/local/xyzssl/xyz.key"
SSLCertificateChainFile "/usr/local/xyzssl/gd_bundle.crt"
CustomLog "/etc/httpd/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
</VirtualHost>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|