Solved

apache2 SSL install help

Posted on 2016-08-01
6
22 Views
Last Modified: 2016-08-07
I have apache2 running with self-signed SSL and all is functional.
I obtained a certificate, disabled the self-signed-ssl.conf , and created my own server-ssl.conf
I copied the server.crt to /etc/ssl/certs.
I copied the server.key to /etc/ssl/private
I added the content of certificate.ca.crt to the end of /etc/ssl/ca-certificates.crt
Added the following to server-ssl.conf:

SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/ca-certificates.crt

Open in new window

enabled my config:
a2ensite server-ssl
apachectl configtest (returns: Syntax OK)
service apache2 restart (returns no errors)

Open in new window


Browse the https site with Chrome fails with: ERR_SSL_PROTOCOL_ERROR

Chrome Security Overview
Can someone point me in the next direction to resolve this?
0
Comment
Question by:scarpenter104
  • 4
  • 2
6 Comments
 
LVL 4

Expert Comment

by:Branislav Borojevic
ID: 41738120
Can you please tell me what OS are you running on your server?
0
 
LVL 1

Author Comment

by:scarpenter104
ID: 41738146
Ubuntu Linux
0
 
LVL 4

Expert Comment

by:Branislav Borojevic
ID: 41738148
I assume you are using OpenSSL?

Please check this link:https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-16-04

It should help you go through the whole process, and see what you might have missed.

Good luck!
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 1

Author Comment

by:scarpenter104
ID: 41738322
The link above is for creating a self-signed certificate. As stated above, I already have a self-signed certificate working.
I have now installed a certificate from a CA and according to the Chrome overview, the certificate is showing up as trusted and valid. However, the server fails with an ERR_SSL_PROTOCOL_ERROR.
I'm hoping to find someone who is familiar with apache2 and knows what would cause an SSL error when everything appears to be functioning properly.
0
 
LVL 1

Accepted Solution

by:
scarpenter104 earned 0 total points
ID: 41739576
I suspect the problem was with the CA certificate format. Downloaded the certificates in a combined .pem file, set all three paths to that same file and all works perfectly.
0
 
LVL 1

Author Closing Comment

by:scarpenter104
ID: 41746094
No other useful contributions made. Sometimes a little extra digging and a little luck is all you need.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now