how to install a commercial ssl certificate
I'm newb. I followed instructions in linode and still no ssl. The instructions do not include all information. I need all information including ca bundle info. Do I need to install ca bundle to make it work? Tired of getting error record too long and handshake errors. Don't want to work on the errors just the solutions. The solutions for me is to get full instructions for installing a purchased ssl certificate, not instructions for requesting a commercial certificate, not instructions for openssl to generate a certificate.
I deleted the ssl info from host file and will be starting from scratch. If you have a link with all the info I need it would be appreciated. I know its not hard just need complete and correct instructions for newb.
5 Replies
http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
You might need this:
If my guess is wrong, look here:
[error] Invalid method in request \x16\x03\x01
[error] Invalid method in request \x16\x03\x01
3. What Web server are you using? (I'm guessing Apache.) What version?
What distribution of Linux?
What browser are you using to try the certificate?
Can you show us your configuration?
Distribution - Ubuntu 9.10 Karmic
The browsers are Chrome, Firefox and IE 8. Firefox gives error record too long and the other 2 browsers msg site not available. My site works with http but not https.
Nothing in httpd.conf and no ssl.conf file. The file locations
have changed and most of the apache websites haven't updated their instructions or new file locations. The new apache
releases changed the file locations. This is why most instructions
are obselete, except Linode's instructions for installing commercial
ssl. Linode's instructions are very easy to follow, this
is why I was suprised when it didn't work.
/etc/apache2/sites-available/yxx.com
SSLCertificateFile /etc/apache2/ssl/
SSLCertificateKeyFile /etc/apache2/ssl/
SSLCACertificateFile /etc/apache2/ssl/rapidssl.cer
ServerAdmin
ServerName
DocumentRoot /home/abcd/public_html/
ErrorLog /var/log/apache2/error.log
TransferLog /var/log/apache2/access.log
ServerName
DocumentRoot /home/abcd/public_html/
ErrorLog /var/log/apache2/error.log
TransferLog /var/log/apache2/access.log
/etc/apache2/ports.conf
NameVirtualHost *443
NameVirtualHost *80
Listen 80
NameVirtualHost statement here
Listen 443
If you just change the port or add more ports here, you will likely also
have to change the VirtualHost statement in
/etc/apache2/sites-enabled/000-default
This is also true if you have upgraded from before 2.2.9-3 (i.e. from
Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
README.Debian.gz
/etc/apache2/apache2.conf
Based upon the NCSA server configuration files originally by Rob McCool.
#
This is the main Apache server configuration file. It contains the
configuration directives that give the server its instructions.
See http://httpd.apache.org/docs/2.2/ for detailed information about
the directives.
#
Do NOT simply read the instructions in here without understanding
what they do. They're here only as hints or reminders. If you are unsure
consult the online docs. You have been warned.
#
The configuration directives are grouped into three basic sections:
1. Directives that control the operation of the Apache server process as a
whole (the 'global environment').
2. Directives that define the parameters of the 'main' or 'default' server,
which responds to requests that aren't handled by a virtual host.
These directives also provide default values for the settings
of all virtual hosts.
3. Settings for virtual hosts, which allow Web requests to be sent to
different IP addresses or hostnames and have them handled by the
same Apache server process.
#
Configuration and logfile names: If the filenames you specify for many
of the server's control files begin with "/" (or "drive:/" for Win32), the
server will use that explicit path. If the filenames do not begin
with "/", the value of ServerRoot is prepended – so "/var/log/apache2/foo.log"
with ServerRoot set to "" will be interpreted by the
server as "//var/log/apache2/foo.log".
#
Section 1: Global Environment
#
The directives in this section affect the overall operation of Apache,
such as the number of concurrent requests it can handle or where it
can find its configuration files.
#
#
ServerRoot: The top of the directory tree under which the server's
configuration, error, and log files are kept.
#
NOTE! If you intend to place this on an NFS (or otherwise network)
mounted filesystem then please read the LockFile documentation (available
at http://httpd.apache.org/docs-2.1/mod/mp … l#lockfile">http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile >);
you will save yourself a lot of trouble.
#
Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/apache2"
#
The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
# LockFile /var/lock/apache2/accept.lock
#
PidFile: The file in which the server should record its process
identification number when it starts.
This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHEPIDFILE}
#
Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
KeepAlive: Whether or not to allow persistent connections (more than
one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
MaxKeepAliveRequests: The maximum number of requests to allow
during a persistent connection. Set to 0 to allow an unlimited amount.
We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
KeepAliveTimeout: Number of seconds to wait for the next request from the
same client on the same connection.
#
KeepAliveTimeout 15
#
Server-Pool Size Regulation (MPM specific)
#
prefork MPM
StartServers: number of server processes to start
MinSpareServers: minimum number of server processes which are kept spare
MaxSpareServers: maximum number of server processes which are kept spare
MaxClients: maximum number of server processes allowed to start
MaxRequestsPerChild: maximum number of requests a server process serves
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
worker MPM
StartServers: initial number of server processes to start
MaxClients: maximum number of simultaneous client connections
MinSpareThreads: minimum number of worker threads which are kept spare
MaxSpareThreads: maximum number of worker threads which are kept spare
ThreadsPerChild: constant number of worker threads in each server process
MaxRequestsPerChild: maximum number of requests a server process serves
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
event MPM
StartServers: initial number of server processes to start
MaxClients: maximum number of simultaneous client connections
MinSpareThreads: minimum number of worker threads which are kept spare
MaxSpareThreads: maximum number of worker threads which are kept spare
ThreadsPerChild: constant number of worker threads in each server process
MaxRequestsPerChild: maximum number of requests a server process serves
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxRequestsPerChild 0
These need to be set in /etc/apache2/envvars
User ${APACHERUNUSER}
Group ${APACHERUNGROUP}
#
AccessFileName: The name of the file to look for in each directory
for additional configuration directives. See also the AllowOverride
directive.
#
AccessFileName .htaccess
#
The following lines prevent .htaccess and .htpasswd files from being
viewed by Web clients.
#
Deny from all
#
DefaultType is the default MIME type the server will use for a document
if it cannot otherwise determine one, such as from filename extensions.
If your server contains mostly text or HTML documents, "text/plain" is
a good value. If most of your content is binary, such as applications
or images, you may want to use "application/octet-stream" instead to
keep browsers from trying to display binary files as though they are
text.
#
DefaultType text/plain
#
HostnameLookups: Log the names of clients or just their IP addresses
e.g., www.apache.org (on) or 204.62.129.132 (off).
The default is off because it'd be overall better for the net if people
had to knowingly turn this feature on, since enabling it means that
each client request will result in AT LEAST one lookup request to the
nameserver.
#
HostnameLookups Off
ErrorLog: The location of the error log file.
If you do not specify an ErrorLog directive within a # container, error messages relating to that virtual host will be
logged here. If you do define an error logfile for a # container, that host's errors will be logged there and not here.
#
ErrorLog /var/log/apache2/error.log
#
LogLevel: Control the number of messages logged to the error_log.
Possible values include: debug, info, notice, warn, error, crit,
alert, emerg.
#
LogLevel warn
Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf
Include all the user configurations:
Include /etc/apache2/httpd.conf
Include ports listing
Include /etc/apache2/ports.conf
#
The following directives define some format nicknames for use with
a CustomLog directive (see below).
If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#
Define an access log for VirtualHosts that don't define their own logfile
CustomLog /var/log/apache2/othervhostsaccess.log vhost_combined
Include of directories ignores editors' and dpkg's backup files,
see README.Debian for details.
Include generic snippets of statements
Include /etc/apache2/conf.d/
Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
Hope you can figure it out. Thanks