Apache2 on Ubuntu 18.04

alffan

2/14/23, 4:46 PM

I am running Apache2 on Ubuntu 18.04 with Wordpress. It has worked well for about a year. Now I am renewing the SSL Certificate and am having problems. I used the common name of www.mydomain.com for the CSR. Accessing www.mydomain.com seems to be OK but mydomain.com is not secure. Do I need a new certificate or is my configuration wrong. I edited /etc/apache2/sites-availaable/default-ssl.conf. The ServerName is mydomain.com and the ServerAlias is www.mydomain.com.

What am I doing wrong.

0 + 0

ssl

apache2

Score:-1

Ubuntu

jby

2/14/23, 4:53 PM

You need to add these lines in your config-file (default-ssl.conf according to your comment below):

SSLCertificateFile "/usr/local/apache2/conf/ssl/certificate.crt"
SSLCertificateChainFile "/usr/local/apache2/conf/ssl/ca_bundle.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/ssl/private.key"

You're talking about a certificate.pem file that should be the 'certificate.crt' in the example above, and your pem-chain file should be the 'ca_bundle.crt' in the example above. Look at this answer for a detailed explanation about .pem and .cer files.

0 + 0

Ollie

2/14/23, 4:55 PM

Please don't post link-only answers; they are discouraged here and could be marked as low-quality and deleted. You'll need to flesh out your answer with a bit more detail.

jby

2/14/23, 5:33 PM

The linked text does answer the posed question, and if the poster follows the link it will explain in detail.

Ollie

2/14/23, 5:42 PM

That may be, but while the link answers the question, it's better to include the essential parts of the answer right here and to just provide the link for reference. Link-only answers can become invalid if the linked website changes or moves or removes the article... that's why they're discouraged.

jby

2/14/23, 6:15 PM

I added some more content, better?

alffan

2/15/23, 12:36 AM

The certificate was issued for www.mydomain.com. I got my certificate and certificate bundle from TrustCor but I am having difficulty determining which certificate is which. The one ending in .pem is the main certificate but what is in the .pem-chain are defined as CA certificates with TrustCor as the Subject CN. I am a bit confused as to how to configure my default-ssl.conf file. The .pem-chain file has a copy of the main certificate and two CA certificates.

jby

2/18/23, 11:41 AM

Yes, that's the chain of certificates that together prove the authenticity of the certificate you got issues for your domain. More info here: https://www.appviewx.com/education-center/what-is-a-certificate-chain/

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Apache2 on Ubuntu 18.04

TH: Apache2 บน Ubuntu 18.04

RO: Apache2 pe Ubuntu 18.04

RU: Apache2 в Ubuntu 18.04

VI: Apache2 trên Ubuntu 18.04

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.