Hi, I was trying to configure an SSL created for the origin server, but at the moment of wanting to start apache it returns errors for which I could not find a solution, it helps!
An apology for the translation, I don’t speak English and had to manage.
Error:
[Fri Aug 13 20:42:46.183263 2021] [ssl:warn] [pid 43975] AH01906: vonkaster.live:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Aug 13 20:42:46.183360 2021] [ssl:warn] [pid 43975] AH01909: vonkaster.live:443:0 server certificate does NOT include an ID which matches the server name
[Fri Aug 13 20:42:46.183901 2021] [ssl:emerg] [pid 43975] AH02561: Failed to configure certificate localhost:443:0, check /etc/apache2/cloudflare/public.crt
[Fri Aug 13 20:42:46.183934 2021] [ssl:emerg] [pid 43975] SSL Library Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
[Fri Aug 13 20:42:46.183952 2021] [ssl:emerg] [pid 43975] SSL Library Error: error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header
[Fri Aug 13 20:42:46.183970 2021] [ssl:emerg] [pid 43975] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=X509)
[Fri Aug 13 20:42:46.183987 2021] [ssl:emerg] [pid 43975] SSL Library Error: error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib
[Fri Aug 13 20:42:46.184003 2021] [ssl:emerg] [pid 43975] SSL Library Error: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
AH00016: Configuration Failed
Sounds like you have used the wrong files in the Apache configuration. You need the two files you received when you created the origin certificate, and then these two lines:
You normally don’t need SSLCertificateChainFile, or the origin root certificate.
You will need to configure ServerName in the VirtualHost.
There is a translation tool built into the Community, and a few of the regulars and MVPs are native speakers in foreign languages. So feel free to use your native tongue.
Gracias por la aclaración sobre el idioma, me ayuda mucho!
En mi archivo de configuración (000-default.conf) definí la ruta del certificado y de su respectiva clave privada, y probando con cualquier otro SSL me funciona a la perfección.
No entiendo que es lo que pasa, es como si no fuera válido el certificado que me provee cloudflare
Así es como tengo definidas las rutas:
SSLEngine on
SSLCertificateFile /etc/apache2/cloudflare/public.crt
SSLCertificateKeyFile /etc/apache2/cloudflare/private.key
No logro colocar un certificado de ese estilo, ya no se que hacer…
He intentando general certificados de cliente y de “Servidor de Origen”, pero cuando los instalo ninguno de los dos me da resultado, simplemente apache no inicia y me devuelve el mismo error…
[Sat Aug 14 13:23:53.471078 2021] [ssl:warn] [pid 56696] AH01906: vonkaster.live:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Aug 14 13:23:53.471219 2021] [ssl:warn] [pid 56696] AH01909: vonkaster.live:443:0 server certificate does NOT include an ID which matches the server name
[Sat Aug 14 13:23:53.472003 2021] [ssl:emerg] [pid 56696] AH02562: Failed to configure certificate localhost:443:0 (with chain), check /etc/apache2/cloudflare/public.pem
[Sat Aug 14 13:23:53.472065 2021] [ssl:emerg] [pid 56696] SSL Library Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
[Sat Aug 14 13:23:53.472102 2021] [ssl:emerg] [pid 56696] SSL Library Error: error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header
[Sat Aug 14 13:23:53.472136 2021] [ssl:emerg] [pid 56696] SSL Library Error: error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error (Type=X509)
[Sat Aug 14 13:23:53.472168 2021] [ssl:emerg] [pid 56696] SSL Library Error: error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib
[Sat Aug 14 13:23:53.472200 2021] [ssl:emerg] [pid 56696] SSL Library Error: error:140DC009:SSL routines:use_certificate_chain_file:PEM lib
AH00016: Configuration Failed