I'm trying to enable ssl (tls?) I ran into these errors and I have these questions.
- Why did apache not restart? And how do I get it to restart? Replacing restart with start does not work.
- Could skipping step three be causing the problem? If so how do I complete step three?
- I actually created a new .csr and .key file (I'm new to all of this) with a different names. Could this be causing the problem? the .csr and .key files that are there are named something different than the new ones I created. Should I replace the old .csr and .key files with the new ones I created to get the .crt files? Should I replace the old .csr and .key files by renaming the new ones I created and adding the new files to the directory overwriting the old files?
I followed these steps which can be found here
https://wiki.bitnami.com/Components/Apache#How_to_enable_HTTPS_support_with_SSL_certificates.
I got two certificates from my ca one was named a random alpha numeric string such as 8d0g03k02K.crt the other was named using common english and had the word bundle in it dot crt. what I did was rename the random string server.crt and the file with the word bundle in it to server-ca.crt. both of these files end with .crt
Next with the help of ftp I replaced the server.crt file that was in /opt/bitnami/apache2/conf/ with the .crt file that I renamed server.crt from the random alphanumeric string. I also upload the file renamed to server-ca.crt from the file name that used the word bundle in it.
Now I try to step three below but when I open httpd.conf I search for SSLCertificateKeyFile to add /opt/bitnami/apache2/conf/server-ca.crt. There is no SSLCertificateKeyFile word in httpd.conf.
I then proceed no to steps 4 and 5 because I don't know what to do with step 3.
when I type the command to restart it starts to restart ok and then I got an error httpd could not be restarted.
- Why did apache not restart? And how do I get it to restart? Replacing restart with start does not work.
- Could skipping step three be causing the problem? If so how do I complete step three?
- I actually created a new .csr and .key file (I'm new to all of this) with a different names. Could this be causing the problem? the .csr and .key files that are there are named something different than the new ones I created. Should I replace the old .csr and .key files with the new ones I created to get the .crt files? Should I replace the old .csr and .key files by renaming the new ones I created and adding the new files to the directory overwriting the old files?
Here are the instructions I followed:
By default, your application is hosted at the root of your c ustom domain name eg. a Wordpress blog hosted at https: //my-domain.com/
Follow these steps to activate SSL support:
1. Use the table below to identify the correct locations for your certificate and configuration files.
Current application URL: https:// [c ustom - domain]/ Example: https: //my-domain.com/
Apache configuration file: /opt/bitnami/apache2/conf/bitnami/bitnami.conf
Certificate file: /opt/bitnami/apache2/conf/server.crt
Certificate key file: /opt/bitnami/apache2/conf/server.key
CA certificate bundle file (if present): /opt/bitnami/apache2/conf/server-ca.crt
2. Copy your SSL certificate and certificate key file to the specified locations. Find out more about uploading and editing files.
NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.
3. If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version:
Apache configuration file: /opt/bitnami/apache2/conf/bitnami/bitnami.conf
Directive to include (Apache v2.4.8+): SSLCACertificateFile “/opt/bitnami/apache2/conf/server-ca.crt”
Directive to include (Apache < v2.4.8): SSLCertificateChainFile “/opt/bitnami/apache2/conf/server-ca.crt”
4. Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:
sudo chown root:root /opt/bitnami/apache2/conf/server*
sudo chmod 600 /opt/bitnami/apache2/conf/server*
5. Restart the Apache server.
sudo /opt/bitnami/ctlscript.sh restart apache
You should now be able to access your application using an HTTPS URL.