I’ve created the self-signed server certificate, the private server key and the Certificate Authority’s own certificate using the below commands.
openssl genrsa -out ca.key 2048
openssl req -config openssl.cnf -new -x509 -days 365 -key ca.key -out ca.crt
openssl genrsa -out server.key 2048
openssl req -config openssl.cnf -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
I’ve then added them to httpd-ssl.conf using the below.
SSLCertificateFile "C:/Apache2/conf/server.crt"
SSLCertificateKeyFile "C:/Apache2/conf/server.key"
SSLCertificateChainFile "C:/Apache2/conf/ca.crt"
However when visiting https://localhost I get:-
Secure Connection Failed An error occurred during a connection to
localhost. Peer’s certificate has an invalid signature. (Error code:
sec_error_bad_signature) The page you are trying to view can not be
shown because the authenticity of the received data could not be
verified.
* Please contact the web site owners to inform them of this problem.
Any ideas anyone?
Thanks
Normal untrusted error
localhost uses an invalid security certificate.
The certificate is not trusted because it is self signed.
My CA certificate error
An error occurred during a connection to localhost.
Peer’s certificate has an invalid signature.
Try re-generating your certificate this way:
Then, remove the passphrase from the server certificate for avoiding Apache asking you the password everytime you restart it:
And then, generate your self-signed certificate
After, just specify
SSLCertificateFileandSSLCertificateKeyFileto use your new certificate.