logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Install SSL Raspbian

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
aliskander



Joined: 12 Sep 2017
Posts: 2
Location: Belgium

PostPosted: Tue 12 Sep '17 13:31    Post subject: Install SSL Raspbian Reply with quote

I have LAMP (Linux-Apache-MySQL-PHP) installed on my Raspberry Pi with OS =Raspbian Stretch.
Apache Version: Apache/2.4.25 (Raspbian)
PHP Version: 5.6.30-0+deb8u1

the local site name is huttesrv000.hutte.local with alias www.hutte.local (works fine)

Now I like to use SSL on my local site:
I created in the folder /etc/apache2/ssl 2 files: server.crt and server.key:
sudo openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -out /etc/apache2/ssl/server.crt -keyout /etc/apache2/ssl/server.key

Installed SSL module :
sudo a2enmod ssl

in the folder /etc/apache2/sites-available I adjusted/added:
ServerName huttesrv000.hutte.local
ServerAlias www.hutte.local
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key

in /etc/apache2/ports.conf:
Listen 80 http
<IfModule ssl_module>
Listen 443 https
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

restarted Apache2 service

But when I try to launch https://www.hutte.local with Mozilla Firefox in Window 10 I get:

error code:
------------------------------------------------------------
www.hutte.local uses an invalid security certificate.

The certificate is not trusted because it is self-signed.
The certificate is not valid for the name www.hutte.local.

Error code: SEC_ERROR_UNKNOWN_ISSUER
------------------------------------------------------------

As browser I use Mozilla Firefox on Windows 10:

In Options/advanced/certificates/View certificates/Authorities I see:

hutte
huttesrv000.hutte.local

and under CA certificate trust settings:
checked: this certicate can identify websites
checked: this certicate can identify mail users
checked: this certicate can identify software makers

can anyone point me in the right direction to solve this problem?
Thank you in advance.
Back to top
Izomye



Joined: 15 Dec 2016
Posts: 16
Location: Hammerfest

PostPosted: Tue 12 Sep '17 18:13    Post subject: Reply with quote

Code:
SSLCertificateFile /etc/apache2/ssl/server.crt


You must load this certificate in the trusted store of your firefox!

and for Edge or Internet Explorer in the trusted store of windows (You open this with "certmgr.msc" and load the certificate under "CA").
Back to top
aliskander



Joined: 12 Sep 2017
Posts: 2
Location: Belgium

PostPosted: Tue 12 Sep '17 18:58    Post subject: Reply with quote

I already did that in Firefox
In Windows an error was returned:

This site is not secure

This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.

Go to your Start page
Details

Your PC doesn’t trust this website’s security certificate.
The hostname in the website’s security certificate differs from the website you are trying to visit.
Error Code: DLG_FLAGS_INVALID_CA
DLG_FLAGS_SEC_CERT_CN_INVALID
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1