在Apache中安装SSL时出错
对于SSL,我遵循以下步骤:在Apache中安装SSL时出错,apache,ssl,openssl,ssl-certificate,Apache,Ssl,Openssl,Ssl Certificate,对于SSL,我遵循以下步骤: openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt [Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/dom
openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt
[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
[Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
[Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
AH00016: Configuration Failed
这个很好用
openssl req -text -noout -verify -in domain.crt
效果很好
openssl rsa -in domain.key -check
> RSA key ok writing RSA key
> -----BEGIN RSA PRIVATE KEY-----
>
>
> .....
>
>
> -----END RSA PRIVATE KEY-----
将.key
和.crt
文件移动到/etc/apache2/ssl
打开/etc/apache2/sites available/default ssl.conf
加
其次是
sudo a2enmod ssl
sudo service apache2 restart
错误为::
openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt
[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
[Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
[Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
AH00016: Configuration Failed
我建议您自动安装ssl。您只能通过一些代码来完成此操作:
sudo apt-get install git
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt/
./letsencrypt-auto
在此之后,它会要求您接受这些条款,如果您想将所有流量从http重定向到https。因此,您必须仔细阅读。您尚未在证书上签名。CSR不是证书。离题。