[warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) - Apache Error Solution

Does this mean? [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

Basically it means you created your SSL Certificate as a CA the wrong way, usually with this command:

openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
 

How can you fix it and do it properly?

Step 1.) Make a new Private KeyCreate server pass key:

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
Create private key
openssl rsa -passin pass:x -in server.pass.key -out server.key
remove server.pass.key (not needed after you have your private key)
rm server.pass.key

Step 2.) Generate your CSR

Use the newly created server.key (Private Key) to generate your CSR).

openssl req -new -key server.key -out server.csr

Step 3.) Create .CRT using your CSR

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

 

Latest Articles

  • Centos 7 - Convert Minimal to Graphical GUI GNOME or KDE Desktop
  • AMD Set Fan Speed and Other Powerplay Memory/CPU Timings with a Linux script
  • Ethereum Mining Claymore Nanopool Error
  • genisoimage errors with long filenames and deep directory structures
  • Linux Kernel USB Export Errors
  • How to download gajim 0.16.9 XMPP/Jabber client so you can use OMEMO encryption
  • HP DL385 G7 Linux BIOS Update Flash
  • hwloc-nox set CPU affinity in Linux
  • Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution
  • Proxmox understanding the directory structure and why an NFS datastore appears to be missing files/isos
  • pandoc convert markdown to html
  • Proxmox error uploading an iso solution
  • Cannot install moodle
  • MySQL change for Antelope format to Barracuda error solution
  • vmkping -I vmk1 10.0.2.69 PING 10.0.2.69 (10.0.2.69): 56 data bytes sendto() failed (Host is down)
  • gvfs mount in /run/user cannot be accessed or displayed wrong permissions
  • VMWare vSphere 6.7 Errors Solution 503 Service Unavailable (Failed to connect to endpoint:
  • How To Enable Nested KVM so guests can virtualize with hardware extensions
  • vi error solution E166: Can't open linked file for writing
  • Supermicro IPMI / KVM / BMC Remote Console Screen Resizing Issue - Window Cut Off Solution