[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution

Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:

openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
 

How can you fix it and do it properly?

Step 1.) Make a new Private KeyCreate server pass key:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
Create private key
openssl rsa -passin pass:x -in server.pass.key -out server.key
remove server.pass.key (not needed after you have your private key)
rm server.pass.key

Step 2.) Generate your CSR

Use the newly created server.key (Private Key) to generate your CSR).

openssl req -new -key server.key -out server.csr

Step 3.) Create .CRT using your CSR

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

 


Tags:

rsa, server, certificate, ca, basicconstraints, apache, solutiondoes, ssl, openssl, req, nodes, crt, keyout, keycreate, genrsa, des, passout, passin, rm, generate, csr, newly, signkey,

Latest Articles

  • Linux named / bind how to dump, view and clear the cache!
  • Centos 6 / 7 / 8 How To Change Default nameservers in /etc/resolv.conf when using DHCP / dhclient
  • Adobe Acrobat Reader for Linux to use and view XFA Fillable Forms
  • Debian Linux Mint Ubuntu iptables save and restore settings automatically onboot and reboot
  • Why SMART is not smart at all and doesn't properly predict disk errors that cause a kernel panic or crash
  • scp: ambiguous target error and solution
  • VirtualBox How To Add iSCSI Storage using VBoxManage
  • iSCSI on Centos 7 Configuration and Setup Guide for Initiator and Target
  • Python and BeautifulSoup4's BS4's Decompose Method To Remove Unwanted Inner Tags
  • httpd AH00534: httpd: Configuration error: No MPM loaded. solution
  • bash script to remove modules from httpd.conf that are not actually installed
  • bash scripting how to create a function
  • Centos 7 PHP MySQL Not Working Solution
  • Bash How To Cut or Split Natively And Get The LAST Field
  • Bash Script How To Manipulate Text/Strings By Searchig and Replacing Natively
  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?
  • What DNS Options Does Active Directory Offer in Windows Server 2008,2012,2016 ?
  • syntax error, unexpected T_SL in PHP Solution
  • grep regular expression match number range between specific numbers
  • bash how to print out lines of text within a range from the first occurrence