?
Solved

apache2 SSL install help

Posted on 2016-08-01
6
Medium Priority
?
29 Views
Last Modified: 2016-08-07
I have apache2 running with self-signed SSL and all is functional.
I obtained a certificate, disabled the self-signed-ssl.conf , and created my own server-ssl.conf
I copied the server.crt to /etc/ssl/certs.
I copied the server.key to /etc/ssl/private
I added the content of certificate.ca.crt to the end of /etc/ssl/ca-certificates.crt
Added the following to server-ssl.conf:

SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/ca-certificates.crt

Open in new window

enabled my config:
a2ensite server-ssl
apachectl configtest (returns: Syntax OK)
service apache2 restart (returns no errors)

Open in new window


Browse the https site with Chrome fails with: ERR_SSL_PROTOCOL_ERROR

Chrome Security Overview
Can someone point me in the next direction to resolve this?
0
Comment
Question by:scarpenter104
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 4

Expert Comment

by:Branislav Borojevic
ID: 41738120
Can you please tell me what OS are you running on your server?
0
 
LVL 1

Author Comment

by:scarpenter104
ID: 41738146
Ubuntu Linux
0
 
LVL 4

Expert Comment

by:Branislav Borojevic
ID: 41738148
I assume you are using OpenSSL?

Please check this link:https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04

It should help you go through the whole process, and see what you might have missed.

Good luck!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:scarpenter104
ID: 41738322
The link above is for creating a self-signed certificate. As stated above, I already have a self-signed certificate working.
I have now installed a certificate from a CA and according to the Chrome overview, the certificate is showing up as trusted and valid. However, the server fails with an ERR_SSL_PROTOCOL_ERROR.
I'm hoping to find someone who is familiar with apache2 and knows what would cause an SSL error when everything appears to be functioning properly.
0
 
LVL 1

Accepted Solution

by:
scarpenter104 earned 0 total points
ID: 41739576
I suspect the problem was with the CA certificate format. Downloaded the certificates in a combined .pem file, set all three paths to that same file and all works perfectly.
0
 
LVL 1

Author Closing Comment

by:scarpenter104
ID: 41746094
No other useful contributions made. Sometimes a little extra digging and a little luck is all you need.
0

Featured Post

WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question