NerdsNow

asked on

Migrating SSL

I am migrating some sites from a Rackspace account to a CentOS Apache server. One of the sites at Rackspace has an SSL certificate. I have the domainname.crt certificate file, the cabundle.crt bundle file and the private key from Rackspace.

I put those files on the new server, directed the virtual host to them in the httpd.conf file, and installed the mod_ssl package.

Now if I edit my hosts file on my client machine to direct the domain to the new server, I get: "The security certificate presented by this website was not issued by a trusted certificate authority. The security certificate presented by this website was issued for a different website's address."

I don't want to switch the IP address of the public domain name to the new server until I see that SSL is working correctly on the new server; that is why I am modifying my host file to test it. Do I have to get a new certificate signed, or is there something about how SSL works that I don't understand?
NerdsNow

ASKER

Also, if I rekey with a new CSR, will it invalidate the current key?
legolasthehansy

Some SSL certs are designed to be IP based. You might want to check the details of the cert file before issuing a new one.
According to GoDaddy, where I had initially registered my certificate, it says that it is registered to the domain.
I'm assuming you must have checked the SSL logs of the Apache box for additional errors. If all else fails, I guess you will need to recreate the CSR and get it signed.
I am assuming you have a domain name mydomain.tld on the old server, have copied that data to the new server, and plan to redirect mydomain.tld to the new server once you have tested.

In which case, you should copy the cert from the old server to the new, restart the httpd, then place in your CLIENT host file a line with xxx.xxx.xxx.xxx mydomain.tld (replacing xxx with the real IP address and the domain name with the real domain name).

Once you do that, connections to mydomain.tld from that host should go to the new box, not the old, allowing testing "in situ".
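
The two browser errors quoted in the question correspond to checks that can be run with the openssl CLI before DNS is switched. The following is an added example, not part of the original posts; the function names are hypothetical, `domainname.key` is an assumed name for the private key file, and the openssl command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Pre-cutover checks for a migrated TLS certificate (requires the openssl CLI).

# True if the private key and the certificate carry the same public key.
key_matches_cert() {  # cert key
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null)
    k=$(openssl pkey -in "$2" -pubout 2>/dev/null)
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# True if the certificate covers the host name ("issued for a different
# website's address" is this check failing in the browser).
cert_covers_host() {  # cert hostname
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null | grep -q 'does match'
}

# True if the certificate chains through the bundle to a trusted root ("not
# issued by a trusted certificate authority" is this check failing). With no
# third argument the system trust store supplies the roots.
chain_verifies() {  # cert bundle [root-anchors]
    openssl verify ${3:+-CAfile "$3"} -untrusted "$2" "$1" >/dev/null 2>&1
}

# Print the leaf certificate the server at IP presents for HOST. Like the
# hosts-file edit, this bypasses DNS; -servername sends SNI so a name-based
# virtual host can be selected.
served_cert() {  # ip hostname
    openssl s_client -connect "$1:443" -servername "$2" </dev/null 2>/dev/null |
        openssl x509 2>/dev/null
}

# True if the server at IP presents exactly the certificate file on disk.
serves_expected_cert() {  # ip hostname cert
    want=$(openssl x509 -in "$3" -noout -fingerprint -sha256 2>/dev/null)
    got=$(served_cert "$1" "$2" | openssl x509 -noout -fingerprint -sha256 2>/dev/null)
    [ -n "$want" ] && [ "$want" = "$got" ]
}

# Run the offline checks; returns non-zero if any of them fails.
check_migrated_cert() {  # cert key bundle hostname [root-anchors]
    rc=0
    key_matches_cert "$1" "$2" || { echo "FAIL: key does not belong to $1"; rc=1; }
    cert_covers_host "$1" "$4" || { echo "FAIL: certificate does not cover $4"; rc=1; }
    chain_verifies "$1" "$3" "$5" || { echo "FAIL: chain does not reach a trusted root"; rc=1; }
    return "$rc"
}

# Usage with the file names from the question (key file name is an assumption):
#   check_migrated_cert domainname.crt domainname.key cabundle.crt mydomain.tld
#   serves_expected_cert xxx.xxx.xxx.xxx mydomain.tld domainname.crt
```

If `check_migrated_cert` passes on the files but `serves_expected_cert` fails, the server is presenting a different certificate than the one the virtual host was pointed at.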
ASKER CERTIFIED SOLUTION
NerdsNow
This solution is only available to members.
Since none of the comments assisted the solution, I am going to select this final explanation as the answer to help others who may have this problem in the future.