Home > Failed To > Apache 2.4 Failed To Configure Ca Certificate Chain!

Apache 2.4 Failed To Configure Ca Certificate Chain!


Are you new to LinuxQuestions.org? Bruteforcing a keypad lock Is the use of username/password in a mobile app needed? Different tasks, same characters What does the expression 'seven for seven thirty ' mean? When the certificate was ready, I revisit the site, and the certificate is installed automagically into the current user certificate store.   Okay, so now I have a SSL certificate stored in Check This Out

Search this Thread 11-30-2016, 02:47 AM #1 P.G.Krish Member Registered: Jun 2016 Distribution: Ubuntu Posts: 61 Rep: SSL installation "Failed to configure CA certificate chain!" error Hi Guys, I The time now is 04:36 PM. Output N in base -10 Compactness of the open and closed unit intervals Different tasks, same characters Why are copper cables round? I just had this happened when I created a CA chain file by cat-ing the intermediate & root .crt files together into a new .ca-bundle file; the issue was that the Bonuses

Apache 2.4 Failed To Configure Ca Certificate Chain!

The error refers to a issue with the trust chain. sundialsvcs View Public Profile View LQ Blog View Review Entries View HCL Entries Visit sundialsvcs's homepage! News Archives May 2012 (2) March 2012 (1) March 2011 (1) August 2010 (1) June 2010 (1) Post Categories codeproject devops asp.net performance New Recent Comments I wrote something a while Apache needs the private key in a separate file when running on Windows.

  1. Registration is quick, simple and absolutely free.
  2. Single domain/virtual???
  3. Do you mean to say you've tried EVERYTHING on those links (and subsequent links in those pages?), and not ONE THING has changed in your error logs???
  4. Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - Main Menu Linux Forum Android Forum Chrome OS Forum Search LQ
  5. WP Theme &Icons by N.Design Studio adapted by timheuer RSSATOM Login
  6. Thanks for the reports.
  7. If you're able to answer this question, please do!
  8. TB0ne View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by TB0ne 12-01-2016, 09:05 AM #6 stefanmoller LQ Newbie Registered: Dec 2016 Posts:
  9. And the thing is it can all be blamed on a poorly formatted Download Symantec Secure Site Primary and Secondary Intermediate CA bundle page.
  10. Do not remove them nor disturb them.

How to interpret this decision tree? Answer accepted for just checking the chain properly. –kron Jan 29 '11 at 15:56 If you think you copied and pasted correctly double check for white space. You could use the editor to put the text fragments into "code blocks". –Dan Garthwaite Mar 17 '16 at 14:03 add a comment| up vote 1 down vote The fix above Hi stefanmoller, Please find log file below Quote: [Thu Dec 01 12:44:45 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Dec 01 12:44:45 2016] [warn] RSA server certificate CommonName (CN) `www.example.com'

And onemore thing the certificate is .crt format Can you send the following file. Failed To Configure Certificate (with Chain) LinuxQuestions.org > Forums > Linux Forums > Linux - Server SSL installation "Failed to configure CA certificate chain!" error User Name Remember Me? Also, each of the SSL virtual servers work if they are the only ones in the config file. http://stackoverflow.com/questions/30620004/apache-failed-to-configure-ca-certificate-chain stefanmoller View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by stefanmoller 12-01-2016, 10:19 AM #7 sundialsvcs LQ Guru Registered: Feb 2004 Location:

Restart service without sudo password Recent Comments Archives December 2016 October 2016 September 2016 June 2016 March 2016 December 2015 November 2015 December 2014 November 2014 August 2014 July 2014 Categories share|improve this answer edited Mar 17 '16 at 14:15 bangal 6,21321030 answered Mar 17 '16 at 13:17 Paul 211 Good catch and useful caveat. Why do CDs and DVDs fill up from the centre outwards? Mein KontoSucheMapsYouTubePlayNewsGmailDriveKalenderGoogle+ÜbersetzerFotosMehrShoppingDocsBooksBloggerKontakteHangoutsNoch mehr von GoogleAnmeldenAusgeblendete FelderNach Gruppen oder Nachrichten suchen CodeBucketJust another programming blog Sample Page Search Recent Posts Console.re Create Comodo SSL bundle for NGINX Nginx config How to get

Failed To Configure Certificate (with Chain)

And the workaround is (tadaa!): DO NOT ENCRYPT THE SERVER PRIVATE KEYS. http://www.linuxquestions.org/questions/linux-server-73/ssl-installation-failed-to-configure-ca-certificate-chain-error-4175594485/ What's the male version of "hottie"? Apache 2.4 Failed To Configure Ca Certificate Chain! For the substantial premium clients pay to use SSL Verisign certificates I must say I really expected better. Bad File Contents Or Format - Or Even Just A Forgotten Sslcertificatekeyfile Apache just chokes with "Failed to configure CA certificate chain!" or "Unable to configure verify locations for client authentication" errors.

What is this blue thing in a photograph of a bright light? his comment is here Last edited by sundialsvcs; 12-01-2016 at 12:57 PM. One with a self-signed root CA certificate ROOT->C1->SSL virtual host Two with an 'official' CA certificate ROOT->C1->C2->SSL virtual host Everything has been configured, Apache has been happily chugging along... Stack Overflow depends on everyone sharing their knowledge. Expecting: Trusted Certificate

Apache now started succesfully. Anyway, that's it for now. -OO- Comment 4 kris.verbeeck 2003-07-01 06:53:57 UTC Same problem here. Safe way to get a few more inches under car on flat surface How can "USB stick" online identification possibly work? http://supportcanonprinter.com/failed-to/failed-to-install-and-configure-assemblies-notificationservices-dll.html Comment: Please enter a comment Verification: Remember Me?

Symantec should fix this ASAP. more hot questions question feed about us tour help blog chat data legal privacy policy work here advertising info mobile contact us feedback Technology Life / Arts Culture / Recreation Science Yes even though it does say the word 'Download' you are actually asked to copy and paste; brilliant considering that if you do so your resulting file is malformed due to

This is what I get in the logs... [Sat Jan 29 07:57:13 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suex$ [Sat Jan 29 07:57:13 2011] [error] Failed to configure CA certificate chain!

Find More Posts by sundialsvcs 12-02-2016, 09:43 AM #12 P.G.Krish Member Registered: Jun 2016 Distribution: Ubuntu Posts: 61 Original Poster Rep: Quote: Originally Posted by sundialsvcs The "Common Name I tried reproducing the error on my local 14.04 by installing a new Apache and copying the certificates and one of the config files for one of the sites to my OMG... The same problem occurred with the same certificates.

Trying to restart Apache kept giving us the following error message [Wed Jun 03 12:21:51.875811 2015] [ssl:emerg] [pid 30534] AH01903: Failed to configure CA certificate chain! [Wed Jun 03 12:21:51.875846 2015] Post A Comment Title: Please enter a title Name: Please enter your name Email: Email is not required, but it must be valid if specified. SSLCertificateFile /your/path/to/crt.crt SSLCertificateKeyFile /your/path/to/key.key SSLCertificateChainFile /your/path/to/DigiCertCA.crt I had it working fine with a self signed key, but can't get it to work with the DigiCertCA crt. http://supportcanonprinter.com/failed-to/failed-to-execute-goal-org-apache-maven-plugins.html Password Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Not too bad. Verisign/Symantec "Failed to configure CA certific... Is this going to be the ONLY certificate for this server, or others? iBlog Trevor Johnson Home Archives Contact << Moodle 2.2.2 Backup Issue | Home Apache 2.4 and the missing SSL certificate chain issue, my notes.

I requested a server certificate from our corporate CA, which is an intermediate CA for GlobalSign, this was done using an online MS certificate server service. If you find that you're using a text-editor at any part of the process, you are doing something wrong. I even upgraded both my local machine and the 14.04 server to ensure the libs and Apache version are identical, but the one works and the other one doesn't and I When you generate the CSR the created file should look as follows Quote: -----BEGIN CERTIFICATE REQUEST----- -----END CERTIFICATE REQUEST----- -----BEGIN PRIVATE KEY----- -----END PRIVATE KEY----- When creating

This thread that you posted: http://serverfault.com/questions/228...tificate-chain ...is VERY on point. This is the file that needs to be kept "profoundly secret." Last edited by sundialsvcs; 12-01-2016 at 10:22 AM. 1 members found this post helpful. Thank you and I am glad this was easy to find.ReplyDeleteMujtaba HaiderMarch 17, 2014 at 10:50 PMThank you a lot, your article made me review my intermediate.crt file and i found On each occasion, Apache startup failed.

Hope this helps you out, feel free to follow me on twitter: @danielsokolows or google plus. Finally, 'openssl verify' does not find anything amiss with the CA chains. There were 3 successfull starts and 1 unsuccessful one. Comment 9 Joe Orton 2004-03-10 18:16:23 UTC *** Bug 13585 has been marked as a duplicate of this bug. *** Comment 10 Joe Orton 2004-06-10 15:09:01 UTC *** Bug 29496 has

Are there any rules of thumb for the most comfortable seats on a long distance bus? View my complete profile Picture Window template. asked 1 year ago viewed 1009 times Related 33Apache Name Virtual Host with SSL3apache server keeps crashing on ubunutu, ssl: caught SIGTERM, shutting down365Where is my httpd.conf file located apache0Need to But then...

A brand new key should be created for each re-issue of any certificate, since this is what provides the fundamental security. .crt (certificate) file: This is the cryptographic certificate corresponding to Comment 5 David Tonhofer 2004-02-09 17:45:07 UTC I have tried with Apache 2.0.47 and openssl-0.9.7b.