• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 145
  • Last Modified:

Apache ignoring ssl config

I have a centos 7 server running apache.

All of a sudden the site is not configured using the ssl certificate.

It is using the locahost certificate and thus making the site insecure.

I have checked my apache config (below) and all looks fine.

This one really does have me stumped as it was working fine.

The only error i can see is
[Mon Jul 18 10:56:15.299743 2016] [ssl:warn] [pid 1377] AH01909: RSA certificate configured for domain.com:443 does NOT include an ID which matches the server name


<VirtualHost 1.1.1.1:80>
      ServerName domain.com
       DocumentRoot /var/www/html/domain.com/live/httpdocs/
</VirtualHost>

<VirtualHost 1.1.1.1:443>
      ServerName domain.com:443
       DocumentRoot /var/www/html/domain.com/live/httpdocs/
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/domain.com.crt
        SSLCertificateKeyFile /etc/pki/tls/private/domain.com.key
      SSLCertificateChainFile /etc/pki/tls/certs/domain.com.ca-bundle
      SSLProtocol all -SSLv2 -SSLv3
      SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
      SSLHonorCipherOrder on
</VirtualHost>
Capture.JPG
0
timb551
Asked:
timb551
  • 2
1 Solution
 
Peter HutchisonSenior Network Systems SpecialistCommented:
Check that the certificates are copied ok to /etc/pki/tls/certs and the permissions are set to allow read from the system.

You can view the certificate file to see if it is the correct one and that is has not expired.

e.g.
openssl x509 -in /etc/pki/tls/certs/domain.com.crt -inform pem -noout -text
0
 
timb551Author Commented:
checked all that and its fine.

For some reason it seems to be taking the config from the ssl.conf file rather than the httpd.conf file.

I have altered the ssl to include the sites certs and its working now but i dont know why a server that hasnt been touch would have changed its setup.
0
 
timb551Author Commented:
ssl.conf was taking precedence over httpd.conf

Added ssl to ssl.conf and all started working.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now