[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution -

[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution

Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:

openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
 

How can you fix it and do it properly?

Step 1.) Make a new Private KeyCreate server pass key:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
Create private key
openssl rsa -passin pass:x -in server.pass.key -out server.key
remove server.pass.key (not needed after you have your private key)
rm server.pass.key

Step 2.) Generate your CSR

Use the newly created server.key (Private Key) to generate your CSR).

openssl req -new -key server.key -out server.csr

Step 3.) Create .CRT using your CSR

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

 


  • How To Create Apache htpasswd file
  • possible SYN flooding on ctid 42131, port 80. Sending cookies. - Solution
  • Linux last command show login by IP instead of hostname
  • Install Windows From a Linux TFTP Server instead of using WDS Solution
  • How To Secure Samba NMBD/SMBD to bind to a specific IP address
  • tftp: client does not accept options - solution if you are using UEFI PXEBoot disable it!
  • Linux how to view video card make and exact model
  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution
  • How to Update Linux /usr/share/misc/pci.ids
  • pcimodules and lspci not working alternative solution
  • How to disable Google Fonts in Wordpress
  • Unable to load dynamic library /usr/lib64/php/modules/php_openssl
  • mysqld in Linux hacked
  • W: GPG error: http://archive.debian.org squeeze Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA NO_PUBKEY 64481591B98321F9
  • cannot mount kvm ntfs image
  • h264 DVR security camera footage cannot be played
  • dhcpd.conf how to secure so only known and allowed clients will be given dhcpd IP address leases
  • Thunderbird E-mail List Blank White but e-mails still clickable and viewable
  • css responsive images
  • responsive table without changing much code solution