Hostname, Apache, and SSL
xlargebear at bellsouth.net
xlargebear at bellsouth.net
Sat Mar 26 20:00:03 MST 2005
Hi B (or anyone who reads this)
This is driving me nuts. My old hostname in my Linux box was Linux
since at the time I didn't have a domain. I changed that and now when I
do hostname I get www.mydomain.com. When I type dnshostname I get
mydomain.com without www. So far so good.
I went ahead and created my key:
openssl genrsa -des3 -out www.mydomain.com.key 1024
Then I created my certificate signing request:
openssl req -new -key www.mydomain.com.key -out www.mydomain.com.crs
when openssl asks me for my Common Name I enter www.mydomain.com
After that I create my self signed certificate
openssl x509 -req -days 365 -in www.mydomain.com.csr -signkey
www.mydomain.com.key -out www.mydomain.com.crt
Finally the configuration for SSL in httpd.conf file wich is a very
simple set up
<VirtualHost 192.168.1.103:443>
ServerName www.mydomain.com
DocumentRoot /var/www/html/mydomain
<Directory /var/www/html/mydomain>
Options None
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/www.mydomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/www.mydomain.com.key
</VirtualHost>
When I start Apache with ssl it seems to start without a problem.
However, I can not connect from inside or outside to it. In the
ssl_error.log I get the following line:
[Sat Mar 26 14:55:38 2005] [warn] RSA server certificate CommonName
(CN) `Linux' does NOT match server name!?
"Linux" used to be my old hostname in my machine. I already changed it
so I don't know where apache is getting that hostname from.
Without ssl apache works and have been working fine for months.
Thanks for all your help.
Froinds ( not really that large :) )
On Mar 26, 2005, at 6:29 PM, B1 wrote:
> If it already is working then you must have a static
> ip(or a dynamic client) and you are using ns servers
> from whom ever you registered your domain through;
> they are pointing your something.com to your ip...no
> need to setup bind now, but if you wanted complete
> control( as most linux freeks do) then you'd setup
> bind but if it ain't broke then don't try to fix it
>
> B1
>
> --- xlargebear at bellsouth.net wrote:
>> Thank you for your answer Mr. B1
>> I'm already running my website under that domain and
>> it works without
>> setting up bind. I'm behind a linksys router that
>> points port 80 and
>> 443 to the box running apache.
>> Would I still need to set bind?
>> Froinds
>>
>>
>> On Mar 25, 2005, at 2:58 PM, B1 wrote:
>>
>>> Well first of all Mr. Xlargebear,
>>>
>>> You need to edit your /etc/sysconf/network file
>> and
>>> change hostname to what you'd like it to be.
>>>
>>> Your second and more laborious issue may be
>> setting up
>>> bind and named to make your box a dns for your
>> domain.
>>> Just setting the hostname as something.com won't
>> allow
>>> me to point my browser to you and access your
>> apache
>>> homepage. If you registered a domain name then you
>>> should edit your hosts file in the /etc/hosts
>> location
>>> and add the name there, but this will only point
>> you
>>> to your box not other computers from your intranet
>> or
>>> THE internet..such as typing something.com in the
>>> browser on the LOCAL machine and getting your
>> apache
>>> homepage.
>>>
>>> 3rd..you really would fair better with a static IP
>>> address and have it in your hosts file with your
>> FQD
>>> and other aliases and in your zone file and
>> named.conf
>>> if you want the world to have access to
>>> www.something.com
>>>
>>> if you have gnome then as root do;
>>>
>>> gedit /etc/sysconf/network
>>>
>>> if kde then use kedit
>>>
>>> save that then do:
>>>
>>> service network restart
>>>
>>> All should be good...if not restart the box or
>> restart
>>> the other processes that aren't using the new
>>> hostname. Try this first and just ignore
>> everything
>>> else if that fixes your problem.
>>>
>>> If not then you need to scavenge the net for dns
>>> howto's...if they are too hairy for you then reply
>>> back with your concerns and I'll do my best to
>> assist.
>>>
>>>
>>>
>>> --- xlargebear at bellsouth.net wrote:
>>>> Hi
>>>> I got an issue with the hostname of my machine
>> not
>>>> sticking after
>>>> reboot. I'm trying to set up Apache with SSL and
>> I
>>>> haven't gotten it to
>>>> work because of the hostname not matching the
>>>> CommonName in the SSL
>>>> certificate.
>>>> When I installed YDL4 I didn't have a domain name
>>>> back then so I set
>>>> the hostname to Linux. Now I have a domain name
>> and
>>>> I'd like to change
>>>> the hostname. I did hostnam www.mydomain.com and
>> it
>>>> shows as that when
>>>> you enter hostname in the terminal. However, when
>>>> apache starts with
>>>> SSL the hostname it picks up is Linux (the old
>> one)
>>>> in spite of the
>>>> fact that hostname shows the new name. When I
>>>> restart after changing
>>>> the hostname, it goes back to the old one: Linux.
>>>> What am I missing here guys?
>>>> My machine is a Beige G3 266 booting with BootX (
>> I
>>>> don't know if this
>>>> is relevant )
>>>> Thanks
>>>> Froinds
>>>>
>>>> _______________________________________________
>>>> yellowdog-general mailing list
>>>> yellowdog-general at lists.terrasoftsolutions.com
>>>>
>>>
>>
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
>>>> HINT: to Google archives, try '<keywords>
>>>> site:terrasoftsolutions.com'
>>>>
>>> _______________________________________________
>>> yellowdog-general mailing list
>>> yellowdog-general at lists.terrasoftsolutions.com
>>>
>>
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
>>> HINT: to Google archives, try '<keywords>
>> site:terrasoftsolutions.com'
>>>
>>
>> _______________________________________________
>> yellowdog-general mailing list
>> yellowdog-general at lists.terrasoftsolutions.com
>>
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
>> HINT: to Google archives, try '<keywords>
>> site:terrasoftsolutions.com'
>>
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general at lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> HINT: to Google archives, try '<keywords> site:terrasoftsolutions.com'
>
More information about the yellowdog-general
mailing list