I'm having a hard time trying to set up an SSL certificate (it's a Comodo PositiveSSL from NameCheap) on my EC2 micro instance (I'm using Amazon Linux AMI 2012.3, which is based on CentOS if I'm not mistaken).
Here's what I did:
- I installed mod_ssl & OpenSSL
- I enabled port 443 on my EC2's instance security group
- I CHMODed the *.key & *.crt files to 777 as Comodo suggested
- I'm certain the IP address & files path is correct (put a bunch of 0s in the example but it is correct in my ssl.conf)
- I added this VirtualHost entry to ssl.conf
<VirtualHost 00.000.000.00:443>
####### I tried both with & without this section ########
ServerName www.mydomain.com:443
ServerAlias www.mydomain.com
DocumentRoot /var/www
ServerAdmin [email protected]
######################################################
SSLEngine on
SSLCertificateKeyFile /etc/ssl/mydomain_com.key
SSLCertificateFile /etc/ssl/mydomain_com.crt
SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle
</VirtualHost>
Then I restarted apache...but I still cannot access https://www.mydomain.com/ !!!
I checked with ssltool.com, it says
The Common Name on the certificate is: ip-00-00-00-000
The certificate chain consists of:
SomeOrganization, ip-00-00-00-000. Expires on: Apr 10 13:39:41 2013 GMT - that's 363 days from today.
The site tested mydomain.com is NOT the same as the Subject CN ip-00-00-00-000!.
I even went & copied the virtual host to httpd.conf instead of ssl.conf & restarted apache, all in vain.
I've been banging my head against the wall for days now. I'm pretty sure I'm missing a tiny something to make this work, I just don't know what exactly.
Back