Sometimes it is difficult to verify if your https key matches your https certificate.
In these cases you can use the following commands:
Also keep in mind that the CN name of the certificate sign request (CSR) needs to match the CN of the certificate.
If you have more than one domain entries in the certificate, the first one is the CN. Multiple https virtualhost definitions (including the default ssl.conf) may confuse apache.
In these cases you can use the following commands:
openssl x509 -noout -modulus -in /etc/yourcertificate.crt | openssl md5
openssl rsa -noout -modulus -in /etc/private.key | openssl md5
Also keep in mind that the CN name of the certificate sign request (CSR) needs to match the CN of the certificate.
If you have more than one domain entries in the certificate, the first one is the CN. Multiple https virtualhost definitions (including the default ssl.conf) may confuse apache.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.