Preciso renunciar / regenar um certificado ao mover IPs?

Question

Preciso renunciar / regenar um certificado ao mover IPs?

#1 resposta do (3 votos)

1

Esses erros estão relacionados a mover um site para um novo IP e manter o mesmo SSL CERT?

Preciso regenar / assinar para corrigir isso?

[Sun Jun 22 07:13:11.054280 2014] [mpm_worker:notice] [pid 2775:tid 2803123869632] AH00292: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 configured -- resuming normal operations
[Sun Jun 22 07:13:11.054328 2014] [core:notice] [pid 2775:tid 2803123869632] AH00094: Command line: '/usr/local/apache/bin/httpd -D SSL'
[Sun Jun 22 08:11:52.651176 2014] [mpm_worker:notice] [pid 2775:tid 2803123869632] AH00297: SIGUSR1 received.  Doing graceful restart
[Sun Jun 22 08:11:53.000801 2014] [ssl:warn] [pid 2775:tid 2803123869632] AH01906: web.nj.sitename.com:443:0 server certificate is a CA certificate (BasicConstraints : CA == TRUE !?)
[Sun Jun 22 08:11:53.000838 2014] [ssl:error] [pid 2775:tid 2803123869632] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Sun Jun 22 08:11:53.000844 2014] [ssl:error] [pid 2775:tid 2803123869632] AH02567: Unable to configure certificate web.nj.sitename.com:443:0 for stapling
[Sun Jun 22 08:11:53.001476 2014] [ssl:warn] [pid 2775:tid 2803123869632] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Jun 22 08:11:53.068215 2014] [mpm_worker:notice] [pid 2775:tid 2803123869632] AH00292: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 configured -- resuming normal operations
[Sun Jun 22 08:11:53.068256 2014] [core:notice] [pid 2775:tid 2803123869632] AH00094: Command line: '/usr/local/apache/bin/httpd -D SSL'
[Sun Jun 22 09:10:23.035351 2014] [mpm_worker:notice] [pid 2775:tid 2803123869632] AH00297: SIGUSR1 received.  Doing graceful restart
[Sun Jun 22 09:10:24.000899 2014] [ssl:warn] [pid 2775:tid 2803123869632] AH01906: web.nj.sitename.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun Jun 22 09:10:24.000935 2014] [ssl:error] [pid 2775:tid 2803123869632] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
[Sun Jun 22 09:10:24.000941 2014] [ssl:error] [pid 2775:tid 2803123869632] AH02567: Unable to configure certificate web.nj.sitename.com:443:0 for stapling
[Sun Jun 22 09:10:24.001574 2014] [ssl:warn] [pid 2775:tid 2803123869632] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Jun 22 09:10:24.157294 2014] [mpm_worker:notice] [pid 2775:tid 2803123869632] AH00292: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 configured -- resuming normal operations
[Sun Jun 22 09:10:24.157326 2014] [core:notice] [pid 2775:tid 2803123869632] AH00094: Command line: '/usr/local/apache/bin/httpd -D SSL'

ssl linux certificate ssl-certificate certificate-authority

por Jason 22.06.2014 / 17:10

1 resposta

Tags ssl linux certificate ssl-certificate certificate-authority

Determine o arquivo ofensivo ao executar o configtest do Apache É possível exportar uma VM do HyperV do Server 2012R2 e importá-la para o HyperV no Server 2008R2?

score 3 · Accepted Answer

Não, normalmente o certificado SSL está vinculado ao nome comum de um servidor, é o nome DNS. Alterando o endereço IP de www.example.com não invalida o certificado para www.example.com.

Sua mensagem de erro certificado do servidor é um certificado da CA sugere que você copiou o certificado incorreto de configurado incorretamente e agora SSLCertificateFile aponta para o que é realmente o SSLCertificateChainFile ou o SSLCACertificateFile .

openssl x509 -in file.cert -noout -text

exibirá as propriedades de um certificado em texto não criptografado, ajudando você a depurar.