What do I need for SSL?

Posted by Ency on Server Fault See other posts from Server Fault or by Ency
Published on 2010-12-27T11:29:21Z Indexed on 2010/12/27 11:55 UTC
Read the original article Hit count: 400

Filed under:
|
|

Hi guys, just a quick question, I'm kind of confused.
I've had set-up my own certification authority and I can create requests and signed them. But, I'm not sure, what I need to give to Apache, currently I've got:

CA Private key
CA Certificate
Website Private key
Website Certificate
Website Certificate Request (I think I do not need it, but just to be clear)

Until today I was using snakeoil certificate, but I've decided to have more SSL services, than CA looks as good solution, so my Apache was configured well, but now I am not sure what I shall provide to apache in following rules:

SSLCertificateKeyFile /path/to/Website Private Key
SSLCertificateFile /path/to/CA Certificate

But than I got

[Mon Dec 27 12:09:33 2010] [warn] RSA server certificate CommonName (CN) `EServer' does NOT match server name!?
[Mon Dec 27 12:09:33 2010] [error] Unable to configure RSA server private key
[Mon Dec 27 12:09:33 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Something tells me than the warning is quite weird, because "EServer" is a common name of CA, so I think I shall not use CA Certificate in SSLCertificateFile, shall I?

Do I need to create Certificate from Website private key or something else?

© Server Fault or respective owner

Related posts about apache

Related posts about openssl