我使用server.key CLI生成openssl,然后从中生成server.csr。然后我将server.csr提交给了我的公司(这是内部的),他们给了我一个文本文件,我将其重命名为server.crt
我按照本指南为XAMPP的Apache
安装SSL证书基本上我编辑了httpd-ssl.conf文件,如下所示:
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
SSLCACertificatePath "conf/ssl.crt/"
SSLCACertificateFile "conf/ssl.crt/server.crt"
当我重新启动Apache服务器时,它失败并出错:
[Thu May 08 14:14:48.014710 2014] [ssl:warn] [pid 1924:tid 272] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu May 08 14:14:48.016664 2014] [ssl:warn] [pid 1924:tid 272] AH01907: RSA server certificate is not a leaf certificate (BasicConstraints: pathlen == 2 > 0 !?)
[Thu May 08 14:14:48.016664 2014] [ssl:warn] [pid 1924:tid 272] AH01909: RSA certificate configured for www.myservername.com:443 does NOT include an ID which matches the server name
[Thu May 08 14:14:48.016664 2014] [ssl:emerg] [pid 1924:tid 272] AH02238: Unable to configure RSA server private key
[Thu May 08 14:14:48.016664 2014] [ssl:emerg] [pid 1924:tid 272] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Thu May 08 14:14:48.016664 2014] [ssl:emerg] [pid 1924:tid 272] AH02311: Fatal error initialising mod_ssl, exiting. See C:/xampp/apache/logs/error.log for more information
任何人都知道为什么?如何解决这个问题?
以下是我的系统信息
Windows NT LGLAC046 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586
Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.19
OPENSSL_CONF C:/xampp/apache/bin/openssl.cnf
SSL Version OpenSSL/0.9.8y
答案 0 :(得分:4)
我使用openssl CLI生成了server.csr,然后从生成了server.key 你应该首先生成一个私钥:
openssl genrsa -des3 -out server.key 1024
然后生成一个csr:
openssl req -new -key server.key -out server.csr
如果您要申请新证书,则将CSR发送给CA. 听起来你拥有的是CA证书,而不是服务器证书。