Secured Connection Failed
An error occured during a connection to www.wallpaperama.comPeer's Certificate has been revoked.
(Error Code: sec_error_revoked_certificate)
the page you are trying to view can not be shown because the authenticy of the received data could not be verified.
Please contact the web site owners to inform them of this problem.
if you are getting this error check out this post on how to fix this problem in your dedicated wallpaper server
Sol:
installing ssl certificate in a godaddy dedicated server with ispconfig
ok this is how it go it to work on my server:
first login as a super user like root
for this example, i will be putting the ssl in the first website so change directory to the first site's path:
change directory to your domain path in my case its web1
send these commands: in the linux shell using ssh
Note, YOURDOMAIN is the name you will give your certificate files, so for my example here i am calling it YOURDOMAIN
we are going to create the CSR
you will be asked for a password. enter a challenged password. for example: W@11p@peraMa - ask you can see from my example, this password uses special characters, numbers and capital letters.
now we create our ssl
Enter pass phrase for YOURDOMAIN.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:California
Locality Name (eg, city) [Newbury]:Los Angeles
Organization Name (eg, company) [My Company Ltd]:Wallpaperama Inc.
Organizational Unit Name (eg, section) []:Hosting
Common Name (eg, your name or your server's hostname) []:www.YOURDOMAIN.com
Email Address []:security@YOURDOMAIN.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:W@11p@peraMa
An optional company name []:Wallpaperama Inc.
once you have created your CSR, send this command:
you will see the two files created:
now we are going to copy and paste the csr to the godaddy website:
and you will see something that looks like this:
so now go to the godaddy website and go to manage your sll:
so copy and paste the certificate into the CSR field in godaddy.
then, godaddy will create two files for you, so download to your computer. so clikc on the Download Signed Certificate link
upload or FTP those two file to /var/www/web1/ssl/
now you will have all the ssl files in on directory
ok, you will need to edit the ssl.conf file
i am using fedora 9 to do this so this is the location of the ssl.conf file
make a backup of the orginal just incase you make an error.
edit the original ssl configureation file. i am using nano, but if you prefer you can use your favorite text editor. some geeks like to use vi, thats fine, whatever you like. i just happen to like nano better
now look for these directives and change them to these:
once you have made the changes, save them and now reboot web server
you are don, now you can test your site:
https://www.YOURDOMAIN.com
as you can see from the red arrow, its working good for me
UPDATE: i wanted to update this post to let you know i found another way that works also:
how-to-setup-and-install-goddaddy-ssl-certificate-with-ispconfig
first login as a super user like root
for this example, i will be putting the ssl in the first website so change directory to the first site's path:
change directory to your domain path in my case its web1
cd /var/www/web1/ssl/
send these commands: in the linux shell using ssh
Note, YOURDOMAIN is the name you will give your certificate files, so for my example here i am calling it YOURDOMAIN
we are going to create the CSR
openssl genrsa -des3 -out YOURDOMAIN.key 1024
you will be asked for a password. enter a challenged password. for example: W@11p@peraMa - ask you can see from my example, this password uses special characters, numbers and capital letters.
Generating RSA private key, 1024 bit long modulus
.......................................................................................................++++++
..........++++++
e is 65537 (0x10001)
Enter pass phrase for YOURDOMAIN.key:
Verifying - Enter pass phrase for YOURDOMAIN.key:
.......................................................................................................++++++
..........++++++
e is 65537 (0x10001)
Enter pass phrase for YOURDOMAIN.key:
Verifying - Enter pass phrase for YOURDOMAIN.key:
now we create our ssl
openssl req -new -key YOURDOMAIN.key -out YOURDOMAIN.csr
Enter pass phrase for YOURDOMAIN.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:California
Locality Name (eg, city) [Newbury]:Los Angeles
Organization Name (eg, company) [My Company Ltd]:Wallpaperama Inc.
Organizational Unit Name (eg, section) []:Hosting
Common Name (eg, your name or your server's hostname) []:www.YOURDOMAIN.com
Email Address []:security@YOURDOMAIN.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:W@11p@peraMa
An optional company name []:Wallpaperama Inc.
once you have created your CSR, send this command:
ls
you will see the two files created:
YOURDOMAIN.csr YOURDOMAIN.key
now we are going to copy and paste the csr to the godaddy website:
cat YOURDOMAIN.csr
and you will see something that looks like this:
-----BEGIN CERTIFICATE REQUEST-----
1csMI3ICGzCCAYQCAQAwgaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRMwEQYDVQQHEwpQbGVhc2FudG9uMRQwEgYDVQQKEwtXZWJ1bmUgSW5jLjEQMA4G
A1UE3CxMHSG9zdGluZMB8GA1UEAxMYd3d3LndhbGxwYXBlcmhvc3RpbmcuY29t
MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QHdlYnVuZS5jb20wgZ8wDQYJKoZIhvcN
AQEBB3QADgY0AMIGJAoGBAO/7155GKkgSAFtZBkLbY6E87vvoS1fAK6uUivTPsQbA
pJnlpSUaeP/FiNcGtrRJ9+cXwliEketiuXpIcqe/9s8lQsxKfayuZcpERkw4
jl8pH3B1ynqTli/LyNIvoiB28o+HQS5u72pTKyKKJl+yBn4BCw+PU5WXEkH9LiPy5
AgMBAAGgNsdsTAXBgkqhkiG9w0BCQcxCgwIQGJuMHJtYWwwGgYJKoZIhvcNAQkCMQ0T
C1dl3YnVuZasaSBJbmMGCSqGSIb3DQEBBQUAA4GBANOx6FupxFPJ1JhCOiqfpBaN
8dPy/fp/qGFZadczaJmSE15f93/LIPPcGytOhIDmOYhRB0nU/qCVkOt1SoMb4ZUc
16QUu3apbm0K9RCNswnmMRlG+y8GwQLosfPSbUG4oYfIZgsBohH3aiRqLH1w3LFzi
PNxD3/fS0aEAXzHTlFmJ8
-----END CERTIFICATE REQUEST-----
1csMI3ICGzCCAYQCAQAwgaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRMwEQYDVQQHEwpQbGVhc2FudG9uMRQwEgYDVQQKEwtXZWJ1bmUgSW5jLjEQMA4G
A1UE3CxMHSG9zdGluZMB8GA1UEAxMYd3d3LndhbGxwYXBlcmhvc3RpbmcuY29t
MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QHdlYnVuZS5jb20wgZ8wDQYJKoZIhvcN
AQEBB3QADgY0AMIGJAoGBAO/7155GKkgSAFtZBkLbY6E87vvoS1fAK6uUivTPsQbA
pJnlpSUaeP/FiNcGtrRJ9+cXwliEketiuXpIcqe/9s8lQsxKfayuZcpERkw4
jl8pH3B1ynqTli/LyNIvoiB28o+HQS5u72pTKyKKJl+yBn4BCw+PU5WXEkH9LiPy5
AgMBAAGgNsdsTAXBgkqhkiG9w0BCQcxCgwIQGJuMHJtYWwwGgYJKoZIhvcNAQkCMQ0T
C1dl3YnVuZasaSBJbmMGCSqGSIb3DQEBBQUAA4GBANOx6FupxFPJ1JhCOiqfpBaN
8dPy/fp/qGFZadczaJmSE15f93/LIPPcGytOhIDmOYhRB0nU/qCVkOt1SoMb4ZUc
16QUu3apbm0K9RCNswnmMRlG+y8GwQLosfPSbUG4oYfIZgsBohH3aiRqLH1w3LFzi
PNxD3/fS0aEAXzHTlFmJ8
-----END CERTIFICATE REQUEST-----
so now go to the godaddy website and go to manage your sll:
so copy and paste the certificate into the CSR field in godaddy.
then, godaddy will create two files for you, so download to your computer. so clikc on the Download Signed Certificate link
www.YOURDOMAIN.com.crt and gd_bundle.crt
upload or FTP those two file to /var/www/web1/ssl/
now you will have all the ssl files in on directory
gd_bundle.crt
YOURDOMAIN.csr
YOURDOMAIN.key
www.YOURDOMAIN.com.crt
YOURDOMAIN.csr
YOURDOMAIN.key
www.YOURDOMAIN.com.crt
ok, you will need to edit the ssl.conf file
i am using fedora 9 to do this so this is the location of the ssl.conf file
make a backup of the orginal just incase you make an error.
cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.-orginal-conf
edit the original ssl configureation file. i am using nano, but if you prefer you can use your favorite text editor. some geeks like to use vi, thats fine, whatever you like. i just happen to like nano better
nano /etc/httpd/conf.d/ssl.conf
now look for these directives and change them to these:
SSLCertificateFile /var/www/web1/ssl/www.YOURDOMAIN.com.crt
SSLCertificateKeyFile /var/www/web1/ssl/YOURDOMAIN.key
SSLCertificateChainFile /var/www/web1/ssl/gd_bundle.crt
once you have made the changes, save them and now reboot web server
/etc/init.d/httpd restart
you are don, now you can test your site:
https://www.YOURDOMAIN.com
as you can see from the red arrow, its working good for me
UPDATE: i wanted to update this post to let you know i found another way that works also:
how-to-setup-and-install-goddaddy-ssl-certificate-with-ispconfig
No comments:
Post a Comment