I bought an SSL-certificate for my subdomain. My provider sent me four files:
At https://www.linode.com/docs/security/ssl/ssl-apache2-debian-ubuntu I saw an example of an installation in /etc/apache2/sites-available/example.com.conf. In that example I can only set two files. How do I install these certificates?
I tried to add to the .conf-file:
# SSLCACertificateFile /etc/ssl/certs/ca-certificates.crt #If using a self-signed certificate, omit this line
# ServerAlias www.example2.com #If using alternate names for a host
CustomLog /var/www/html/log/access.log combined
When I enter the commands a2enmod ssl and a2ensite my.domain.com I got a large error text with some words in red…
And we should guess which words are red?
Comodo? They sold this business to a company offering surveillance products:
With the files, you normally have your private key, and the certificate file. The rest is usually in a single certificate chain file: https://ssl.comodo.com/support/ssl-certificate-installation-in-apache.php
You can open your files in a text editor. The private key file starts like this
-----BEGIN PRIVATE KEY-----
Normally you should create the certificates yourself, and then they only sign your public key and send your the certificate. The private key should never leave your server. If they create the private key for you, they could have kept a copy (could be interesting for their surveillance products).
Oh no, I don’t want you guess the red words. I forgot to add the picture.
I created a new picture this morning and attach it in this message.
I also create a bundle.crt of the three .crt files my hostingprovider sent me and edited the above mentioned example.com.conf
There is a syntax error in line 18 of /etc/…
I hope you can reproduce the error message and see in which file this problem appears. Check the line and what might be wrong
I was trying to install the certificate again in other ways.
When I enter the command:
my VPS replies: Syntax OK
but when I enter
my VPS replies:
Action ‘start’ failed.
The Apache error log may have more information.
In that error I read no usefull information, only that more information can be found in the error.log in my html directory.
In that file I see a recent added line:
Fri Nov 03 13:12:23.153055 2017] [ssl:emerg] [pid 30972] AH02564: Failed to configure encrypted (?) private key my.domain.com:443:0, check /etc/ssl/private/my_domain_com.cer
So, I know I have to generate a key. But how do I do that?
I deleted the bought SSL-certificate and switched over to Let’s Encrypt. All will work fine at this moment.
Now finetuning my Nextcloud.