Can any one help me in configuring xampp apache server for ssl.
I have tried configuring it as follows in http-ssl:
<VirtualHost *:8443>
DocumentRoot "project_path"
ServerName domainName
ServerAlias domainName
ErrorLog "errorLog Path
TransferLog "access Log Path"
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
SSLCertificateChainFile "conf/ssl.crt/bundleChain.crt"
</VirtualHost>
Errors:
When i tried accessing it with DomainName.
The site cant be reached.
When i tried accessing it with IP and Port.
The certificate is issued for domainName and hence ERR_CERT_COMMON_NAME_INVALID
Help is appreciated.
Related
I have a web-app that runs on several country domains with the same code. Apache is configured with aliases. This works, except for the point of configuring individual SSL-certs:
ServerAlias *.server-at
ServerAlias *.server-ch
ServerAlias *.server-es
SSLEngine on
SSLCertificateFile /etc/ssl/certs/rex.server-de.crt
SSLCertificateKeyFile /etc/ssl/private/rex.server-de.key
Is it possible with apache2 to configure more than one SSL certificate inside a virtualhost container?
You can configure the individual certificates easily using a virtual host for each domain differentiating requests by ServerName. For example
listen 443
<VirtualHost *:443>
ServerName rex.server.de:443
SSLEngine on
SSLCertificateFile " /etc/ssl/certs/rex.server-de.crt"
SSLCertificateKeyFile " /etc/ssl/certs/rex.server-de.key"
</VirtualHost>
<VirtualHost *:443>
ServerName rex.server.at:443
SSLEngine on
SSLCertificateFile " /etc/ssl/certs/rex.server-at.crt"
SSLCertificateKeyFile " /etc/ssl/certs/rex.server-at.key"
</VirtualHost>
To enable SSL, I've uncommented this line in httpd.conf:
# Secure (SSL/TLS) connections
Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf
The httpd-ssl.conf file itself I've left untouched, and created .crt and .key files for a self-signed SSL certificate in the places it's expecting to see them by default:
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
Back in the main httpd.conf, I've created a VirtualHost for a site I want to use SSL, and configured like this to eventually get it working:
NameVirtualHost *
<VirtualHost *>
DocumentRoot "/Users/jonnott/Documents/sslsite1.dev"
ServerName sslsite1.dev:443
ServerAlias www.sslsite1.dev
SSLEngine on
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
</VirtualHost>
This SSL site now works fine.
However, the problem I have is that now whenever I try to visit any local non-SSL hosts, I get this error:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
These other non-SSL sites are configured in httpd.conf like this:
<VirtualHost *>
DocumentRoot "/Users/jonnott/Documents/site2.dev"
ServerName site2.dev
ServerAlias www.site2.dev
</VirtualHost>
What am I missing / doing wrong?
I think I've pretty much figured it out after reading this:
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts2
I needed BOTH of these in my httpd.conf before the start of my VirtualHost directives:
NameVirtualHost *:80
NameVirtualHost *:443
..and then each VirtualHost needed to be port-specific:
<VirtualHost *:80>
DocumentRoot "/Users/jonnott/Documents/Projects/site1"
ServerName site1.dev:80
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/Users/jonnott/Documents/Projects/site1"
ServerName site1.dev:443
SSLEngine on
SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
</VirtualHost>
I am encountering a very curious problem with my ubuntu server setup. I am running a few websites using a LAMP stack.
One of the websites has a dedicated ip and a comodo ssl certificate. The other websites are on a shared ip and use let'sencrypt ssl certificates.
Here's the virtual host config for the website on the dedicated ip:
# domain: example.com
# public: /home/myhomefolder/public/example.com/
<VirtualHost actual_dedicated_ip:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin admin#example.com
ServerName www.example.com
ServerAlias example.com
Redirect permanent / https://www.example.com/
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /home/myhomefolder/public/example.com/public
# Log file locations
LogLevel warn
ErrorLog /home/myhomefolder/public/example.com/log/error.log
CustomLog /home/myhomefolder/public/example.com/log/access.log combined
</VirtualHost>
<VirtualHost actual_dedicated_ip:443>
SSLEngine On
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /etc/apache2/ssl/www.example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.example.com.key
SSLCertificateChainFile /etc/apache2/ssl/www.example.com.ca-bundle
<Directory /home/myhomefolder/public/example.com/public>
Require all granted
AllowOverride ALL
</Directory>
ServerAdmin admin#example.com
ServerName example.com
DocumentRoot /home/myhomefolder/public/example.com/public
ErrorLog /home/myhomefolder/public/example.com/log/https_error.log
CustomLog /home/myhomefolder/public/example.com/log/https_access.log combined
</VirtualHost>
Everything works fine except on specific networks (so far I can only reproduce this on my iphone when connected to Verizon LTE but not when connected to wifi) I get either an error saying "Safari cannot open the page because too many redirects occurred" or I get a prompt with "cannot verify server identity" and the certificate details is for another websites on the same host but a different ip.
Any ideas of what may be causing this?
So I finally got to the bottom of this. It looks like verizon is using ipv6 and my vhost had only ipv4 configuration. As soon as I added my ipv6 ip in my vhost, the problem went away.
I have website on ubuntu with apache server. Domain is from godaddy. When I type example.com it's running file under SSL (with https). But, for www.example.com it's giving me below error.
www.example.com uses an invalid security certificate. The certificate is only valid for the following names: someother.com, www.someother.com, someother.com (Error code: ssl_error_bad_cert_domain)
What I did?
I tried to talk with godaddy. They suggested me to disable SSL v3 from apache server. Everything is ok from their side.
Then I changed ssl.conf file with this: SSLProtocol All -SSLv2 -SSLv3 according to this documentation. But, still it's giving me the same error.
configurations
<VirtualHost *:80>
ServerAdmin myemail#gmail.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example/public_html
ErrorLog /var/www/example/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerName example.com
DocumentRoot /var/www/example/public_html
ErrorLog /var/www/example/error.log
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/example.crt
SSLCertificateKeyFile /etc/apache2/ssl/example.key
SSLCertificateChainFile /etc/apache2/ssl/example-bundle.crt
</VirtualHost>
Let me know if you need more info.
What if I'm doing an SSL because I need a redirect URI that's https:// so I have this in my xamp apache httpd:
DocumentRoot "C:/x/htdocs/project-lara/public"
ServerName fuseuca.com
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
AllowOverride All
Order allow,deny
Allow from all
I also configured the hosts 127.0.0.1 fuseuca.com
But i still get Web page not available: Error code: ERR_CONNECTION_REFUSED.