I'm about ready to give up and do a clean wipe of this machine and start over with ISPConfig or some other variant.

I installed Plesk on this machine to help with some of the handiwork. It is the free version (single domain); I don't need it for much. It's nice, though, to use to set up db's email, etc.

Anyway, I would like to set it up as a CA (which I can add to users' trusted root servers to alleviate those warnings).

It seems like Plesk does all it can to obfuscate where things are. Despite trying to find the conf files, and crt/pem/key etc. I am (5 hours later) now left with a machine that won't even get to the ssl page. The browser will sit there, until a 'connection reset' error comes up.

In error_log, I get messages saying CN doesn't match server name -- which it does.

ssl_error_log:

[Thu May 13 16:02:14 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

[Thu May 13 16:12:19 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

not very helpful.

If anyone has any experience, and/or recommendations (including other software), I'd be much obliged.

NB RHEL5; 1 domain, 3 subdomains; everything local only.

Thanks.