Hi I have purchased the wildcard domain from godaddy
I have genearted the CSR using the below command on ubuntu 16 & apache
openssl req -newkey rsa:2048 -nodes -keyout buymytime.com.key -out buymytime.com.csr
In the FQDN name I typed buymytime.com
Then using cat buymytime.com.csr I copied the CSR and pasted in godaddy and then downloaded the godaddy zip file and renamed it to buymytime.csr and intermediate.csr and copied the files to /etc/ssl/ and
then modified the 000-default.conf in with the directives mentioned in the tutorials
One more thing I noticed is When I test on this link https://casecurity.ssllabs.com/analyze.html?d=buymytime.com
I get common name mismatch error. my FQDN is bmt.buymytime.com or how can I edit the ubuntu-512mb-blr1-01 MISMATCH error provided in above link to my FQDN
While in apache error logs there is the following errors:
[Sat Sep 24 06:25:01.999237 2016] [ssl:warn] [pid 1877] AH01909: bmt.buymytime.com:443:0 server certificate does NOT include an ID which matches the server name [Sat Sep 24 06:25:01.999393 2016] [mpm_prefork:notice] [pid 1877] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations [Sat Sep 24 06:25:01.999402 2016] [core:notice] [pid 1877] AH00094: Command line: '/usr/sbin/apache2' [Sat Sep 24 06:44:30.898414 2016] [mpm_prefork:notice] [pid 1877] AH00169: caught SIGTERM, shutting down [Sat Sep 24 06:44:31.981157 2016] [ssl:warn] [pid 3422] AH01909: bmt.buymytime.com:443:0 server certificate does NOT include an ID which matches the server name [Sat Sep 24 06:44:31.982112 2016] [ssl:emerg] [pid 3422] AH02565: Certificate and private key buymytime.com:443:0 from /etc/ssl/buymytime.com.crt and /etc/ssl/private/buymytime.com.key do not match AH00016: Configuration Failed
I dont know what is this regarding but your help can save my day.
Solved! Go to Solution.
What you're doing may require some non-standard implementations of the SSL, but best to get the advice of 24/7 support. They have the ear of the expert SSL Staff at x.co/247support
Thomas D. - GoDaddy | Community Moderator
Looking over the log you provided I see a possible issue. the name mismatch error is due to AH02565
[Sat Sep 24 06:44:31.982112 2016] [ssl:emerg] [pid 3422] AH02565: Certificate and private key buymytime.com:443:0 from /etc/ssl/buymytime.com.crt and /etc/ssl/private/buymytime.com.key do not match AH00016: Configuration Failed
Apache is unable to read your Cert due to the Private key not matching up with the Public Certificate.
You will need to re-key your cert and or install the correct Private key.
we have Zimbra 8.8.8 in our environment. We have got ssl certificate from godaddy and imported our CSR file. But as per zimbra it needs root certificates also along with other certs, but unable to find. And also what are the exact certificates i need to download to be compatible with zimbra
Azure require pfx insted of crt.
I downloaded iis and apache format. Both gives only crt files. How to generate pfx format certificate?
Thanks for writing in. When you're creating a .pfx, you'll need a copy of the private key from your server, as well as the .crt file that you downloaded from GoDaddy. You can use OpenSSL commands in command line to create the PFX, I'm including a sample below:
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt
This will create a certificate.pfx file from your private key, as well as the .crt you downloaded. You'll just need to make sure that you update the names in the sample code above to match your certificate/private key information.
Hope this helps!
Tech Writer at GoDaddy