在Apache中安装SSL时出错

对于SSL，我遵循以下步骤：

openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt

[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
    [Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
    [Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    AH00016: Configuration Failed

这个很好用

openssl req -text -noout -verify -in domain.crt

效果很好

openssl rsa -in domain.key -check

> RSA key ok writing RSA key
> -----BEGIN RSA PRIVATE KEY-----
> 
> 
> .....
> 
> 
> -----END RSA PRIVATE KEY-----

将

.key

和

.crt

文件移动到

/etc/apache2/ssl

打开

/etc/apache2/sites available/default ssl.conf

加

其次是

sudo a2enmod ssl

sudo service apache2 restart

错误为：：

openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt

[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
    [Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
    [Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    AH00016: Configuration Failed

---

我建议您自动安装ssl。您只能通过一些代码来完成此操作：

sudo apt-get install git

git clone https://github.com/letsencrypt/letsencrypt

cd letsencrypt/

./letsencrypt-auto

---

在此之后，它会要求您接受这些条款，如果您想将所有流量从http重定向到https。因此，您必须仔细阅读。

您尚未在证书上签名。CSR不是证书。离题。