Back

Explore Courses Blog Tutorials Interview Questions
0 votes
1 view
in AWS by (19.1k points)

I'm having a hard time trying to set up an SSL certificate (it's a Comodo PositiveSSL from NameCheap) on my EC2 micro instance (I'm using Amazon Linux AMI 2012.3, which is based on CentOS if I'm not mistaken).

Here's what I did:

  • I installed mod_ssl & OpenSSL
  • I enabled port 443 on my EC2's instance security group
  • I CHMODed the *.key & *.crt files to 777 as Comodo suggested
  • I'm certain the IP address & files path is correct (put a bunch of 0s in the example but it is correct in my ssl.conf)
  • I added this VirtualHost entry to ssl.conf

<VirtualHost 00.000.000.00:443>

####### I tried both with & without this section ########

   ServerName www.mydomain.com:443

   ServerAlias www.mydomain.com

   DocumentRoot /var/www

   ServerAdmin [email protected]

   ######################################################

   SSLEngine on

   SSLCertificateKeyFile /etc/ssl/mydomain_com.key

   SSLCertificateFile /etc/ssl/mydomain_com.crt

   SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle

</VirtualHost>

Then I restarted apache...but I still cannot access https://www.mydomain.com/ !!!

I checked with ssltool.com, it says

The Common Name on the certificate is: ip-00-00-00-000

The certificate chain consists of:

SomeOrganization, ip-00-00-00-000. Expires on: Apr 10 13:39:41 2013 GMT - that's 363 days from today.

The site tested mydomain.com is NOT the same as the Subject CN ip-00-00-00-000!.

I even went & copied the virtual host to httpd.conf instead of ssl.conf & restarted apache, all in vain.

I've been banging my head against the wall for days now. I'm pretty sure I'm missing a tiny something to make this work, I just don't know what exactly.

1 Answer

0 votes
by (44.3k points)

So, this section below

<VirtualHost _default_:443>

Can stop your real SSL certificate from being used. So, you can either comment it or put your SSL certificates inside it.

<VirtualHost _default_:443>

  SSLCertificateKeyFile /etc/ssl/mydomain_com.key

  SSLCertificateFile /etc/ssl/mydomain_com.crt

  SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle

</VirtualHost>

After that, restart your Apache server

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
asked Jul 8, 2019 in AWS by yuvraj (19.1k points)
Welcome to Intellipaat Community. Get your technical queries answered by top developers!

28.4k questions

29.7k answers

500 comments

94.1k users

Browse Categories

...