-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jim Perrin Sent: Monday, January 23, 2006 5:29 PM To: CentOS mailing list Subject: Re: [CentOS] Self-signed certificates
Just tried those instructions and got the same result.
Does the
certificate name have to be called 'server'
No, but that's the default. If you change it to something
else, then
you need to edit /etc/httpd/conf.d/ssl.conf to match.
I tried putting the info for the secure sub-domain in the ssl.conf with the name of the sub-domain certificate but that didn't work either. Still shows the certificate for the top-level domain. :-(
Hmm, maybe I'm not clear on what you're trying to do. Is this a virtual host? Is it a Name based virtual host? ssl is done per ip, so if you're doing name based virtual hosting, you only get one cert, unless you change to a non-standard https port for your second secure host.
Yes, this is a named based virtual host.
It must be stuck on being named 'server'. I changed/renamed the subdomain.key and subdomain.crt to server.key and server.crt and now get the proper name on the certificate for the sub-domain but now don't have a certificate for the top level domain.
The way around this (not a GOOD way, but a way) is to generate an ssl cert for *.domain.com. This way it's valid for all subdomains.
Hmmm. I'll give that a try. Not really interested in the error about being 'self-signed' (issuing authority) but just want the name to be right and the security to be there.
Will try and let you know.
Thanks!!!!!!!!!