Tuesday, May 17, 2016

ubuntu - Apache2 Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] for wild card SSL certificate



I am trying to configure Godaddy Wild Card Certificates on a Apache web server.I am getting the following error:



[Thu Jul 23 02:32:42.499991 2015] [mpm_event:notice] [pid 12293:tid 140626762094464] AH00491: caught SIGTERM, shutting down
[Thu Jul 23 02:32:43.553475 2015] [ssl:emerg] [pid 12529:tid 139774360311680] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] (/etc/apache2/sites-enabled/godaddy-ssl.conf:2)
[Thu Jul 23 02:32:43.553518 2015] [ssl:emerg] [pid 12529:tid 139774360311680] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Thu Jul 23 02:35:23.466577 2015] [mpm_event:notice] [pid 12707:tid 139928471259008] AH00489: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f configured -- resuming normal operations

[Thu Jul 23 02:35:23.466637 2015] [core:notice] [pid 12707:tid 139928471259008] AH00094: Command line: '/usr/sbin/apache2'


My apache server configuration with redirection for http request to https:





    ServerName saasm2m.com

   ServerAlias saasm2m.com *.saasm2m.com 

    ServerAdmin helloworld@gmail.com
     RewriteEngine on
     ReWriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [NC,R,L]



My SSL certificate configuration is 





    
        ServerAdmin saasm2m.com
        ServerName saasm2m.com
        ServerAlias *.saasm2m.com
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on

        SSLCACertificateFile /etc/apache2/ssl/saasm2m.chained.crt

        SSLCertificateKeyFile /etc/apache2/ssl/saasm2m.key
         ServerAdmin helloworld@gmail.com
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        ProxyPreserveHost On

        
                        SSLOptions +StdEnvVars
        
        

                        SSLOptions +StdEnvVars
        
        BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown




I have changed my ports.conf to add Listen 443 http



Listen 80

NameVirtualHost *:80

        Listen  443 http




        Listen  443



Update:
If i use this configuration it throws a error :AH00491: caught SIGTERM, shutting down



SSLCertificateFile /etc/apache2/ssl/6eba0aa5c1b8.crt
SSLCertificateKeyFile /etc/apache2/ssl/website_ssl.key
SSLCertificateChainFile /etc/apache2/ssl/gd_bundle-g2-g1.crt



I have enabled ssl module by using:sudo a2enmod ssl and activated server configuration files by using sudo a2ensite filename.
Can anyone point out how I can fix this error?



Thank you


Answer



You need to provide a SSLCertificateFile configuration line in addition to the SSLCertificateKeyFile configuration file.



You have configured one of two options for CA certificates. You may not need either. This may be configured with the file that should be the SSLCertificateFile




GoDaddy provides documentation on installing your certificates. According to that the gd_bundle-g2-g1.crt should be configured with the SSLCACertificatePath parameter. This parameter is called SSLCertificateChainFile in Apache versions before 2.4.8.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...