The client lacks sufficient authorization :: Invalid response

ren-kun · February 10, 2017, 9:24am

Hey, thanks for your help once again.

SSLEngine is On (for /etc/apache2/sites-available/default-ssl.conf)

Or am i doing it to the wrong file?

serverco · February 10, 2017, 9:27am

Do you have just the one domain ? if so, then the default-ssl.conf is fine, yes.

What else do you have in that file ? and have you enabled the modules you need for SSL ?

ren-kun · February 10, 2017, 9:32am

Hello,

Just one domain right now.

I re-saved the document and did

sudo a2ensite default-ssl.conf

and restarted apache2.

I now get a different error about it being not secure. (Im so confused now)

serverco · February 10, 2017, 9:35am

You are using a cert for ns509291.ip-167-114-100.net rather than your domain name

are the links in default-ssl.conf pointing to the correct files for your cert ?

ren-kun · February 10, 2017, 9:38am

Under Plesk>websites and domains> Secuirty> I set it to the correct SSL.

I guess that setting didn’t reflect to what I chose??

I will check it out

ren-kun · February 10, 2017, 9:46am

Hello,

I took a look, I set the following

    SSLCertificateFile /etc/apache2/ssl/
    SSLCertificateKeyFile /etc/apache2/ssl/

Am I correct? But how do i know which one is the right one?

serverco · February 10, 2017, 9:51am

both of those are directories, not files - they should like to the correct files. When you got those from sslforfree - where specifically did you upload them to ?

ren-kun · February 10, 2017, 9:54am

Heys,

Ah i removed the last section of the directory. Was meant to use it as an example.

As for the certificate, p-key and bundle. I set it through plesk.

serverco · February 10, 2017, 10:00am

I’m not sure what I can add I’m afraid - this isn’t a plesk support forum ( and I don’t use plesk) - so if you’re adding it through plesk, and it’s not working then you should really talk to plesk.

If you upload the certificates to a known location, and set that exact same location in your apache config, then it should work. Alternatively, look at the exact location in apache ( not just the directory, but the file name as well ) - and place the certificate files at that specific location. then restart apache.

ren-kun · February 10, 2017, 10:03am

Hey,

Just a question, how did you check which certificate was being used? I might need it when i ask plesk once more about this.

serverco · February 10, 2017, 10:09am

You can check in your browser - I use a simple bash script that checks various information and provides various info

user@serverco:~$ certinfo grayles.net 
getting cert from server - grayles.net

Certificate chain
 0 s:/CN=ns509291.ip-167-114-100.net
   i:/CN=ns509291.ip-167-114-100.net
---
Certificate:
Issuer: CN=ns509291.ip-167-114-100.net
Not Before: Jun 22 11:21:19 2016 GMT
Not After : Jun 20 11:21:19 2026 GMT
Subject: CN=ns509291.ip-167-114-100.net
Public Key Algorithm: rsaEncryption

You’re welcome to a copy of the bash script if you like ( I suspect you don’t normally run linux on your home PC, so may not be much use for you though)

ren-kun · February 10, 2017, 10:20am

Thanks for your help so far man!

I really appreciate the time you have given me.

system · March 12, 2017, 10:20am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.