loopforever
Verified User
Hi all,
Really stumped here - hoping someone can help shed some light on an SSL problem I'm having.
The problem: On this particular server, I have exactly one SSL certificate. It belongs to the primary IP address of the server. This primary IP is shared among a number of other vhosts. Upon starting Apache, I get the following error in my error_log:
Several times.
Here is the entry for this virtual host from its appropriate httpd.conf file:
The certificate from /etc/httpd/conf/ssl.crt/server.crt (openssl x509 -in server.crt -noout -subject) reads as follows:
It's important to note that this particular certificate worked fine on this machine for several years. Some recent upgrading has broken something, but I can't put my finger on the source.
I have tried having DA rewrite all the httpd.confs. No avail. I also manually changed the ServerName directive for this vhost (by removing the www. so as to match it exactly to the SSL cert (no www.)). No luck.
If anyone has experienced this before, or has any advice, please let me know. I'm really pulling my hair out here !!!
Thanks in advance!
Really stumped here - hoping someone can help shed some light on an SSL problem I'm having.
The problem: On this particular server, I have exactly one SSL certificate. It belongs to the primary IP address of the server. This primary IP is shared among a number of other vhosts. Upon starting Apache, I get the following error in my error_log:
Code:
[Fri Jun 27 19:03:45 2008] [warn] RSA server certificate CommonName (CN) `secure.mydomain.com' does NOT match server name!?
Several times.
Here is the entry for this virtual host from its appropriate httpd.conf file:
Code:
<VirtualHost 1.2.3.4:443>
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
ServerName www.secure.mydomain.com
ServerAlias www.secure.serveio.com secure.mydomain.com
ServerAdmin [email protected]
DocumentRoot /home/sslaccount/domains/secure.mydomain.com/private_html
ScriptAlias /cgi-bin/ /home/sslaccount/domains/secure.mydomain.com/public_html/cgi-bin/
UseCanonicalName OFF
SuexecUserGroup sslaccount sslaccount
CustomLog /var/log/httpd/domains/secure.mydomain.com.bytes bytes
CustomLog /var/log/httpd/domains/secure.mydomain.com.log combined
ErrorLog /var/log/httpd/domains/secure.mydomain.com.error.log
<Directory /home/sslaccount/domains/secure.mydomain.com/private_html>
Options +Includes -Indexes
php_admin_flag engine ON
<IfModule !mod_php6.c>
php_admin_flag safe_mode ON
</IfModule>
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f [email protected]'
</Directory>
</VirtualHost>
The certificate from /etc/httpd/conf/ssl.crt/server.crt (openssl x509 -in server.crt -noout -subject) reads as follows:
Code:
subject= /C=US/O=secure.mydomain.com/OU=GT97384851/OU=See www.rapidssl.com/resources/cps (c)07/OU=Domain Control Validated - RapidSSL(R)/CN=secure.mydomain.com
It's important to note that this particular certificate worked fine on this machine for several years. Some recent upgrading has broken something, but I can't put my finger on the source.
I have tried having DA rewrite all the httpd.confs. No avail. I also manually changed the ServerName directive for this vhost (by removing the www. so as to match it exactly to the SSL cert (no www.)). No luck.
If anyone has experienced this before, or has any advice, please let me know. I'm really pulling my hair out here !!!
Thanks in advance!