[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


apache2 SSL install help

Posted on 2016-08-01
Medium Priority
Last Modified: 2016-08-07
I have apache2 running with self-signed SSL and all is functional.
I obtained a certificate, disabled the self-signed-ssl.conf , and created my own server-ssl.conf
I copied the server.crt to /etc/ssl/certs.
I copied the server.key to /etc/ssl/private
I added the content of certificate.ca.crt to the end of /etc/ssl/ca-certificates.crt
Added the following to server-ssl.conf:

SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/ca-certificates.crt

Open in new window

enabled my config:
a2ensite server-ssl
apachectl configtest (returns: Syntax OK)
service apache2 restart (returns no errors)

Open in new window

Browse the https site with Chrome fails with: ERR_SSL_PROTOCOL_ERROR

Chrome Security Overview
Can someone point me in the next direction to resolve this?
Question by:scarpenter104
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Expert Comment

by:Branislav Borojevic
ID: 41738120
Can you please tell me what OS are you running on your server?

Author Comment

ID: 41738146
Ubuntu Linux

Expert Comment

by:Branislav Borojevic
ID: 41738148
I assume you are using OpenSSL?

Please check this link:https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04

It should help you go through the whole process, and see what you might have missed.

Good luck!
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.


Author Comment

ID: 41738322
The link above is for creating a self-signed certificate. As stated above, I already have a self-signed certificate working.
I have now installed a certificate from a CA and according to the Chrome overview, the certificate is showing up as trusted and valid. However, the server fails with an ERR_SSL_PROTOCOL_ERROR.
I'm hoping to find someone who is familiar with apache2 and knows what would cause an SSL error when everything appears to be functioning properly.

Accepted Solution

scarpenter104 earned 0 total points
ID: 41739576
I suspect the problem was with the CA certificate format. Downloaded the certificates in a combined .pem file, set all three paths to that same file and all works perfectly.

Author Closing Comment

ID: 41746094
No other useful contributions made. Sometimes a little extra digging and a little luck is all you need.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question