2

I am following these steps for SSL :

openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt

This works fine.

openssl req -text -noout -verify -in domain.crt

Works good.

openssl rsa -in domain.key -check

> RSA key ok writing RSA key
> -----BEGIN RSA PRIVATE KEY-----
> 
> 
> .....
> 
> 
> -----END RSA PRIVATE KEY-----

Move .key and .crt file to /etc/apache2/ssl

Open /etc/apache2/sites-available/default-ssl.conf

Add 

SSLEngine on
SSLCertificateFile      /etc/apache2/ssl/domain.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain.key

Next is

sudo a2enmod ssl

sudo service apache2 restart

Error is::

[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
    [Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
    [Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    AH00016: Configuration Failed
Improve this question
1
  • You haven't signed the certificate. A CSR is not a certificate. Off topic. Commented Jun 13, 2018 at 11:07

1 Answer 1

Reset to default
1

I would recommend you to install ssl automatically. You can do it this by only some codes:

sudo apt-get install git

git clone https://github.com/letsencrypt/letsencrypt

cd letsencrypt/

./letsencrypt-auto

After this it will ask you to accept the terms and if you want to redirect all traffic from http to https. so, you have to read carefully.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.