Setting up SSL on apache on linux ubuntu

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by ThomasReggi on Server Fault See other posts from Server Fault or by ThomasReggi
Published on 2012-06-28T20:09:02Z Indexed on 2012/06/28 21:18 UTC
Read the original article Hit count: 397

Filed under:
|
|
|
|

I'm trying to get SSL to run on my apache web server.

I do not have the DNS for the domain setup yet is that an issue?

How do I setup SSL on my web server?

When I start apache it fails.

root@vannevar:/etc/apache2/ssl# service apache2 start
 * Starting web server apache2                                                                                                                         Action 'start' failed.
The Apache error log may have more information.

The log stats that it's unable to read the certificate.

[Thu Jun 28 15:01:02 2012] [error] Init: Unable to read server certificate from file /etc/apache2/ssl/www.example.com.csr
[Thu Jun 28 15:01:02 2012] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Thu Jun 28 15:01:02 2012] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error

The contents of /etc/apache2/httpd.conf

ServerName [SERVERIP]

The contents of /etc/apache2/ports.conf

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost [SERVERIP]:443
NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

The contents of /etc/apache2/sites-available/www.example.com

<VirtualHost *:80>
     ServerAdmin [email protected]
     ServerName example.com
     ServerAlias www.example.com
     DocumentRoot /srv/sites/example.com/public/
     ErrorLog /srv/sites/example.com/logs/error.log
     CustomLog /srv/sites/example.com/logs/access.log combined
</VirtualHost>

<VirtualHost [SERVERIP]:443>
     SSLEngine On
     SSLCertificateFile /etc/apache2/ssl/www.example.com.csr
     SSLCertificateKeyFile /etc/apache2/ssl/www.example.com.key
     SSLCACertificateFile /etc/apache2/ssl/comodo.crt

     ServerAdmin [email protected]
     ServerName example.com
     ServerAlias www.example.com
     DocumentRoot /srv/sites/example.com/public/
     ErrorLog /srv/sites/example.com/logs/error.log
     CustomLog /srv/sites/example.com/logs/access.log combined
</VirtualHost>

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about linux

Related posts about apache2

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle