I am running a website with a proper .com domain name from Mamp Pro. I'd like it to be accessible using https.
I bought a Comodo SSL certificate. I got Mamp Pro working fine with a self-signed certificate, but can't get it to recognise the Comodo SSL cert and key files. When I select them in Mamp Pro's Hosts > SSL tab, the "Save" button greys out so I can't save the change.
It's as if the files are being checked and seen as invalid or something.
The Comodo SSL cert came as a ZIP file with four certificate files: one for my domain and 3 "intermediate" certs. I combined the latter three into PositiveSSL.ca-bundle as per https://www.devside.net/wamp-server/installing-comodo-positivessl-certificate-bundled-with-root-and-intermediate-ca-certificates-on-apache but don't know where to tell Mamp about this file.
I'd be very grateful for any ideas!
Sadly it appears Mamp Pro isn't capable of using the Comodo SSL cert.
At this point, Mamp Pro is still running Apache 2.2, but Apache < 2.4.8 does not accept the certificate and CA bundle combined in a single file.
Related
I had https on my wordpress site working with a an ip address and self signed certificate fine. I set up the dns for the domain and installed and ran letsencrypt "successfully" but ssl connections to the domain are still trying to reference the original self signed certificate rather than the newly created ones (where are they?) and I'm not sure where to start troubleshooting
Running Apache2 on Debian Buster
Cheers
I'm not sure this was the correct way to fix it, but I went into the apache ssl conf file and changed the paths of the temporary certs i'd set up to the new letsencrypt cert file paths and restarted apache, and it worked!
Im using hostgator as my host.They do not provide free ssl certificate.So im using cloudflare free ssl certificate for my site.SSL certificate working everywhere except Cpanel.
I tried manually adding ssl through cpanel option.But not really working!Is there any way i can add it there?
Or it will be really good if my cpnael url cpanel.site.com won't just show up to that address.
If you want to use the CloudFlare SSL certificate then there is no need to add that SSL certificate to yoru cpanel nor to your site. Read the cloudflare documentation in order to see how to create and use Page Rules and their SSL certificate. cPanel has nothing to do with it. CF works just fine with cPanel/WHM and pretty much with any other related hosting panel. Your site can be http only in cPnel and then you do the HTTPS redirection from Clouflare using their Flexible SSL and page rules
cpanel.yourdomain.com ssl is related to server side. If your host allow autossl with Let's Encrypt (for example) then it will install ssl for all your necessary subdomains like webmail, cpanel, mail, www etc. If you are installing ssl manually, then you cannot install it for cpanel subdomain. However if you want to use cpanel securely and have enabled ssl with yourdomain.com the you can use it:
https://yourdomain.com:2083
Just upgraded to Mamp Pro 3.5 from simple MAMP and all worked great till I added a self signed cert.
My document root for my local.mysite.com was set to htdocs/html/magento
Site works fine using http.
When I add the self signed ssl the site now only works correctly at https pages. If I try to go to any page without https such as http://local.mysite.com/store I get this in the apache log:
File does not exist: /Applications/MAMP/htdocs/store
If I uncheck the ssl the http urls all work again.
Did I miss something in the set up?
Thanks
It's far from obvious, but you can actually add a second host with the exact same domain name (local.mysite.com in your case) but this time leave SSL disabled on the SSL tab.
You'll therefore have two hosts, both for local.mysite.com. One is for https and the other for http.
I recently successfully installed Letsencrypt, and my site seems to work well with https. When i visit it e.g https://example.com, no errors/warnings appear. However when i visit it with https://www.example.com, (including www) in all browser I get some sort of warning, for example, in chrome:
Your connection is not private
Attackers might be trying to steal your information from
www.example.com (for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID
And in opera:
Opera cannot verify the identity of the server "www.example.com", due to a certificate problem. The server could be trying to trick you.
My server runs apache and https works wonderfully when not www. In /etc/letsencrypt/live/www.example.com/ I have:
cert.pem chain.pem fullchain.pem privkey.pem
Would appreciate any help and do ask if you require further detail. Hope this helps others too.
This is saying the cert is not valid for www.example.com.
Could be several reasons for this including:
You didn't specify this when creating the cert and only asked for example.com. Though weird that LetsEncrypt has put it in the www.example.com directory, suggesting you did do this right.
You made a typo in the domain name.
You included the protocol (http/https) in the domain name and/or the port (443). These should not be in the cert request and just the domain name.
You have a separate cert for example.com and www.example.com and have only one configured in Apache. Most sites use the same cert for both and have both versions valid for the domain.
Probably best to view the cert to rule out some of these. This can either be done in the browser by clicking on the green padlock when viewing https://example.com and/or running this command:
openssl x509 -in /etc/letsencrypt/live/www.example.com/cert.pem -text
You can also use the https://www.ssllabs.com/ssltest/ online tool to view your SSL setup (in fact I'd recommend to do this anyway!).
It might be late but the problem is there because you didn't mentioned www.exemple.com in the certbot setup.
to add the domain to your certificate just run this command
sudo certbot --expand -d www.camelges.com
then restart your apache server
if you are on ubuntu service apache2 restart
Reference: https://certbot.eff.org/docs/using.html#re-creating-and-updating-existing-certificates
From their post here:
Can I get a certificate for multiple domain names (SAN certificates)?
Yes, the same certificate can apply to several different names using
the Subject Alternative Name (SAN) mechanism. The Let's Encrypt client
automatically requests certificates for multiple names when requested
to do so. The resulting certificates will be accepted by browsers for
any of the domain names listed in them.
If your common name is example.com you will need to set a SAN as www.example.com when generating the certificate request.
Adding to the points from BazzaDP, (From my own experience).
5) if you have virtual configuration files where ServerName is same but ServerAlias is different then you will be getting same err, hence you should change ServerName.
You need to generate certificate for both URL's, by example:
sudo certbot --apache -d mydomain.com,www.mydomain.com
How would I self assign a SSL Cert on Apache (XAMPP) on a Windows 2003 server? I have researched and the farest I got was a broken SSL Cert with "Common name" problem.
Post your guide or links here,
Thanks.
If you are in development and using localhost, the common name of your ssl certificate should be localhost. If you are using a machine that uses dns (or the hosts file) you should use that host name as the certificate common name (cn). E.g. if you are using www.mydomain.com you should create a certificate with that name. You can also create a certificate with the name *.mydomain.com that you should be able to use on all subdomains of mydomain.com. You may want to read this tuturial on the subject.