mod_ssl continued
Nigel Wade
nmw at ion.le.ac.uk
Mon Mar 22 10:14:00 UTC 2004
Roger Harrell wrote:
>> Ok, I think I have the apache side of the SSL thing worked out. It seems
>> to be trying to serve the pages. When I go to:
>> https://www.musicwithmeaning.com
>>
>> I get a "Page can not be displayed" error and my SSL error log shows:
>> [warn] RSA server certificate is a CA certificate (BasicConstraints: CA
>> == TRUE !?)
>>
>> Thoughts/comments/help?
>>
>>
>>
>> How did you create the certificate for https?
>> Did you create a CA and use its cert. - the message looks like its
>> saying the cert. is for a CA rather than a server?
>>
>> For my latest https setup I used the makefile in /usr/share/ssl/certs,
>> then copied the pem file it created into
>> /etc/httpd/conf/ssl.crt/server.crt and
>> /etc/httpd/conf/ssl.key/server.key. Very simple.
>
>
> Created a key as per RH customizationg guide:
> in /usr/share/ssl/certs
> make genkey
>
> Then created a self-signed certificate:
> make testcert
>
Sorry, in that case I don't know what the problem is. That method ought to
work - I presume RedHat tested it thoroughly.
Do you get that message every time you try to load a page, or only when the
httpd server starts?
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw at ion.le.ac.uk
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
More information about the Redhat-install-list
mailing list