Re: https can;t be good for work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



James Kosin wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
[email protected] wrote:
  
Dear All,

I can't to enable the https as the following :

<VirtualHost webmail.ita.org.mo>
Redirect / https://webmail.ita.org.mo:443
</VirtualHost>

<VirtualHost webmail.ita.org.mo>
DocumentRoot ...
ServerName webmail.ita.org.mo
ErrorLog ...
TransferLog ...
SSLEngine on
SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
   SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
   SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
CustomLog /var/log/itawm-ssl_request_log \
         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


error log of web server :
[Fri Sep 21 22:42:44 2007] [warn] RSA server certificate CommonName
(CN) `localhost' does NOT match server name!?
[Fri Sep 21 22:42:44 2007] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Sep 21 22:42:44 2007] [warn] RSA server certificate CommonName
(CN) `localhost' does NOT match server name!?
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate CommonName
(CN) `localhost' does NOT match server name!?
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate CommonName
(CN) `localhost' does NOT match server name!?

ssl error log :
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate CommonName
(CN) `localhost.localdomain' does NOT match server name!?
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Fri Sep 21 22:43:29 2007] [warn] RSA server certificate CommonName
(CN) `localhost.localdomain' does NOT match server name!?

So, what mistake about the config ?

Remark : The ssl is self-signed SSL Certificate, and the Web Server
come with FC6 System.

Thanks !

Edward.

    
Edward,

You didn't do anything wrong.  You will have to create a certificate
for webmail.ita.org.mo for this to work without the warnings.  The
default cert does not handle external connections...
I believe the cets will be in the /etc/httpd/conf  directory.

  
Hello Jame,

After the config and restart the web server...
I found that we can't to connect to http://webmail.ita.org.mo ( include redirect problem : https ) !
So, would you mind to give me more help ?

Thanks !

Edward.

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux