RE: [users@httpd] HTTPS implementation to apache2 server, localhost

[saikiran....@wipro.com]

You are missing intermediate certificate i.e, CA certificate.

You should add it after below lines

            SSLCertificateFile    /etc/apache2/ssl/apache.crt
             SSLCertificateKeyFile /etc/apache2/ssl/apache.key


In ssl.conf you will find

Server Certificate Chain:
Certificate Authority (CA):

add it anywhere but not in both.

Best Regards

[http://marketing.wiprodigital.com/apps/wipro-esig/assets/images/logo-01.jpg]<http://www.wipro.com/>

  Saikiran M

  Middleware Administrator  | SNXT Operations – Global Service Management Centre

  Wipro Limited

   p:  214924 | Toll Free 1800 200 5656

  #146/147, Metagalli industrial area, Mysore 570 016 | Karnataka, INDIA



[cid:image002.png@01D198BF.43C16BA0]

DO BUSINESS BETTER

CONSULTING | SYSTEM INTEGRATION | BUSINESS PROCESS SERVICES




[cid:image003.png@01D198BF.43C16BA0]<http://www.facebook.com/WiproTechnologies>

[cid:image004.png@01D198BF.43C16BA0]<http://twitter.com/Wipro>

[cid:image005.png@01D198BF.43C16BA0]<http://www.linkedin.com/company/1318>

[cid:image006.png@01D198BF.43C16BA0]<http://www.youtube.com/user/Wiprovideos>





From: Keerthi Narayan [mailto:mkeerth...@gmail.com]
Sent: Thursday, May 4, 2017 6:10 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] HTTPS implementation to apache2 server, localhost


** This mail has been sent from an external source **
below is the details of error log file

[Thu May 04 07:35:01.892795 2017] [ssl:warn] [pid 15336:tid 140037655033728] 
AH01906: 172.19.18.238:443:0 server certificate is a CA certificate 
(BasicConstraints: CA == TRUE !?)
[Thu May 04 07:35:01.892876 2017] [mpm_event:notice] [pid 15336:tid 
140037655033728] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41 OpenSSL/1.0.2g 
configured -- resuming normal operations
[Thu May 04 07:35:01.892881 2017] [core:notice] [pid 15336:tid 140037655033728] 
AH00094: Command line: '/usr/sbin/apache2'
[Thu May 04 12:54:40.038040 2017] [mpm_event:notice] [pid 15336:tid 
140037655033728] AH00491: caught SIGTERM, shutting down
[Thu May 04 12:54:40.780686 2017] [ssl:warn] [pid 18991:tid 140346453059456] 
AH01906: 172.19.18.238:443:0 server certificate is a CA certificate 
(BasicConstraints: CA == TRUE !?)
[Thu May 04 12:54:40.787424 2017] [ssl:warn] [pid 18992:tid 140346453059456] 
AH01906: 172.19.18.238:443:0 server certificate is a CA certificate 
(BasicConstraints: CA == TRUE !?)
[Thu May 04 12:54:40.788009 2017] [mpm_event:notice] [pid 18992:tid 
140346453059456] AH00489: Apache/2.4.18 (Ubuntu) mod_jk/1.2.41 OpenSSL/1.0.2g 
configured -- resuming normal operations
[Thu May 04 12:54:40.788023 2017] [core:notice] [pid 18992:tid 140346453059456] 
AH00094: Command line: '/usr/sbin/apache2'


On Thu, May 4, 2017 at 2:33 PM, Daniel 
<dferra...@gmail.com<mailto:dferra...@gmail.com>> wrote:
At first sight there is no syntax error. Can you try to describe what error you 
get and paste related error.log entries?

2017-05-04 9:30 GMT+02:00 Keerthi Narayan 
<mkeerth...@gmail.com<mailto:mkeerth...@gmail.com>>:
Hi All,
I am trying to implement HTTPS to my local server(apache2) and below is 
configuration file.   -----UBUNTU SERVER

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin user@localhost
                ServerName x.x.x.x
                ServerAlias www.x.x.x.x<http://www.x.x.x.x>
                DocumentRoot /var/www/html
                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined
                SSLEngine on
                SSLCertificateFile    /etc/apache2/ssl/apache.crt
                SSLCertificateKeyFile /etc/apache2/ssl/apache.key
  <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                <Directory /var/www/html>
                        Options Indexes FollowSymLinks MultiViews
                        AllowOverride None
                        Order allow,deny
                        allow from all
                </Directory>
                 BrowserMatch "MSIE [2-6]" \
                                nokeepalive ssl-unclean-shutdown \
                                downgrade-1.0 force-response-1.0
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
        </VirtualHost>
</IfModule>
Please advice me what else i have to configure apart from above configuration 
or correction.  So that it will get secured.
Thanks & Regards,
Keerthi Narayan




--
Daniel Ferradal
IT Specialist

email         dferradal at gmail.com<http://gmail.com>
linkedin     
es.linkedin.com/in/danielferradal<http://es.linkedin.com/in/danielferradal>

The information contained in this electronic message and any attachments to 
this message are intended for the exclusive use of the addressee(s) and may 
contain proprietary, confidential or privileged information. If you are not the 
intended recipient, you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately and destroy all copies of this message and 
any attachments. WARNING: Computer viruses can be transmitted via email. The 
recipient should check this email and any attachments for the presence of 
viruses. The company accepts no liability for any damage caused by any virus 
transmitted by this email. www.wipro.com