Can you guys look at my 443 virtual host? Is it correct because chrome and firefox say no trusted


#1
  <IfModule mod_ssl.c>
        <VirtualHost _default_:443>
            ServerAdmin EMAIL

            DocumentRoot /var/www/DOMAIN

            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined

            SSLEngine on
            SSLCertificateFile      /etc/letsencrypt/live/domain.net/fullchain.pem
            SSLCertificateKeyFile /etc/letsencrypt/live/domain.net/privkey.pem
            SSLCertificateChainFile /etc/letsencrypt/live/domain.net/fullchain.pem
    </VirtualHost>
</IfModule>

#2

Hi @Olympus

what’s your domain name?

It’s impossible to understand the problem without the domain name and your actions creating a certificate.


#3

Hi,

You didn’t specify the domain name and it’s a default virtual host, hense there are some issues (mostly common name mismatch)

You might want to create one virtual host for each website & assign certificate for them…

Thank you


#4

That’s not entirely correct. In older versions of Apache, you should use:

SSLCertificateFile /etc/letsencrypt/live/domain.net/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.net/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/domain.net/chain.pem

In newer versions of Apache, you can just use:

SSLCertificateFile /etc/letsencrypt/live/domain.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.net/privkey.pem

However, browsers can usually cope with that issue and the website will work. Some more strict TLS clients will fail, though.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.