我从GoDaddy购买了Contabo VPS和域+ SSL证书。我使用此指南从我的VPS生成CSR:https://uk.godaddy.com/help/apache-generate-csr-certificate-signing-request-5269
我想在VPS上安装SSL证书。
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr上面的这个命令是我用来生成CSR私钥来颁发证书的命令。VPS已经安装了Rocky Linux 9。收到证书并安装后:
<VirtualHost *:443>
ServerName mydomain.info
ServerAlias mydomain.info
DocumentRoot /var/www/mydomain.info/html
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} "Go-http-client/1.1" [NC]
RewriteRule .* - [F,L]
SSLEngine on
SSLCertificateFile /etc/ssl/private/mydomain.crt
SSLCertificateKeyFile /etc/ssl/private/privatekey.key
SSLCertificateChainFile /etc/ssl/private/intermediate.crt
ErrorLog /var/www/mydomain.info/log/error.log
CustomLog /var/www/mydomain.info/log/requests.log combined
</VirtualHost>正在重新启动httpd服务我遇到了此错误(ssl_error. log):
[Tue Apr 18 14:07:04.789184 2023] [ssl:emerg] [pid 1109:tid 1109] AH02572: Failed to configure at least one certificate and key for vmi1276647.contaboserver.net:443
[Tue Apr 18 14:07:04.789461 2023] [ssl:emerg] [pid 1109:tid 1109] SSL Library Error: error:0480006C:PEM routines::no start line (Expecting: DH PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
[Tue Apr 18 14:07:04.789473 2023] [ssl:emerg] [pid 1109:tid 1109] SSL Library Error: error:0480006C:PEM routines::no start line (Expecting: EC PARAMETERS) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
[Tue Apr 18 14:07:04.789482 2023] [ssl:emerg] [pid 1109:tid 1109] SSL Library Error: error:0A0000B1:SSL routines::no certificate assigned我想知道我正在使用的域名是否与这个“www.example.com”域名发生了某种“冲突”vmi1276647.contaboserver.net。
我有另一个安装了SSL的Contabo VPS,但这是我第一次尝试在他们的服务器上手动安装“外部”SSL证书。我是否缺少apache配置文件中的某些内容,或者无法在Contabo机器上安装外部SSL证书?
谢谢你的帮助!
1条答案
按热度按时间xytpbqjk1#
UPDATE我注解了ssl.conf文件(位于/etc/httpd/conf.d文件夹下)中的“SSLEngine on”行,现在服务器启动了,SSL证书似乎已经安装。
我认为这与VirtualHost conf中的相同指令冲突。