SSL working with nginx, not with httpd. Any ideas?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

SSL working with nginx, not with httpd. Any ideas?

Ezequiel Garzon
Greetings! For some reason I'm able to set up SSL support for my domain
using nginx, but not httpd. I have combined my certificates like this:

    # cat ssl.crt sub.class1.server.ca.pem ca.pem > /etc/ssl/server.crt

However, if I stop nginx and start httpd I get:

    $ curl -I https://ezequiel-garzon.net 
    curl: (60) SSL certificate problem: unable to get local issuer
certificate

I have attempted to write a minimal config file at /etc/httpd.config:

    server defaults {listen on egress ssl port 443}

Any ideas on what I'm doing wrong? Thanks for your help!

Cheers,

Ezequiel

Reply | Threaded
Open this post in threaded view
|

Re: SSL working with nginx, not with httpd. Any ideas?

Hugo Osvaldo Barrera-2
On 2015-03-14 18:41, Ezequiel Garzon wrote:

> Greetings! For some reason I'm able to set up SSL support for my domain
> using nginx, but not httpd. I have combined my certificates like this:
>
>     # cat ssl.crt sub.class1.server.ca.pem ca.pem > /etc/ssl/server.crt
>
> However, if I stop nginx and start httpd I get:
>
>     $ curl -I https://ezequiel-garzon.net
>     curl: (60) SSL certificate problem: unable to get local issuer
> certificate
>
> I have attempted to write a minimal config file at /etc/httpd.config:
>
>     server defaults {listen on egress ssl port 443}
>

Are yuo sure that's right? I don't see the "ssl" keyword anywhere in the
docs:

http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/httpd.conf.5

You also seem to be missing TLS certificate/key is you're going to use TLS.

> Any ideas on what I'm doing wrong? Thanks for your help!
>
> Cheers,
>
> Ezequiel
>

Cheers,

--
Hugo Osvaldo Barrera
A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the quoted text?

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

Reply | Threaded
Open this post in threaded view
|

Re: SSL working with nginx, not with httpd. Any ideas?

Ezequiel Garzon
In reply to this post by Ezequiel Garzon
Hi, Hugo!

> Are yuo sure that's right? I don't see the "ssl" keyword anywhere in the
> docs

I see what you're saying... I'm using 5.6-release, which is really not
recommended for httpd as it's moving quite fast. I wonder if that would
fix it.

> You also seem to be missing TLS certificate/key is you're going to use
> TLS.

I'm using the default files, /etc/ssl/private/server.key and
/etc/ssl/server.crt. I failed to mention that under (Ubuntu) Chrome I get
a green lock. By now I'm pretty sure I'm missing the intermediate
certificate.

Thanks for looking into it!

Best,

Ezequiel