[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution -

[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution

Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:

openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
 

How can you fix it and do it properly?

Step 1.) Make a new Private KeyCreate server pass key:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
Create private key
openssl rsa -passin pass:x -in server.pass.key -out server.key
remove server.pass.key (not needed after you have your private key)
rm server.pass.key

Step 2.) Generate your CSR

Use the newly created server.key (Private Key) to generate your CSR).

openssl req -new -key server.key -out server.csr

Step 3.) Create .CRT using your CSR

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

 


  • bash Linux how to get first or last letters of a word
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated
  • Centos 5.9 Working Vault Repo file
  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian
  • ecryptfs how to mount or recover from a backup
  • Linux bash script to see what connected computers respond to ping
  • rsync specify alternate port non-standard port than 22
  • Centos 6.6/6.9 KVM VM Kernel Panic On Boot - Kernel panic - not syncing: Attempted to kill init!
  • Cannot allocate TUN/TAP dev dynamically - FreeBSD/OpenBSD OpenVPN Client error Solution
  • Linux Mint/Ubuntu/Debian apt how to downgrade a package
  • Ubuntu Linux Mint How To Exclude Stop Package from being Upgraded or Installed
  • Intel NUC Lower Power Green Computing Boxes Review/Comparison of J3160 and J3455 Models
  • How to backup entire computer Linux Mint Ubuntu with tar
  • tar how to ignore failed reads and not exit
  • kdenlive titles/text renders as white screen when using .sh script
  • [1035724.274610] [drm:intel_pipe_update_end [i915_bpo]] *ERROR* Atomic update failure on pipe A (start=62076478 end=62076479) time 102 us, min 894, max 899, scanline start 893, end 900 W: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin
  • ffmpeg how to watermark and concatenate in one command
  • /usr/bin/ld: cannot find -lboost_system-mt-s /usr/bin/ld: cannot find -lboost_filesystem-mt-s /usr/bin/ld: cannot find -lboost_program_options-mt-s /usr/bin/ld: cannot find -lboost_thread-mt-s collect2: error: ld returned 1 exit status make: *** [cag
  • Wine uninstalled broken on Linux Mint
  • ffmpeg trouble concatenating similar but different files