Excellent guide, I would like to add a couple of things since I had to go through some extra steps to get the whole thing working with an SSL certificate generated from GoDaddy.
Once you've completed the request procedure, you will be given two certificate files: yourdomain.tld.crt and gd_bundle.crt.
Merge the two files in a file called yourdomain.tld.pem, appending the chain certificate at the end of the cert issued for your domain.
The chain certificate is the one you should be setting as SSLCertificateChainFile if you were using mod_ssl.
This is the file you will be using as GnuTLSCertificateFile.
Once you've done that, you will be required to create a private key file that is not password protected. mod_gnutls does not support passworded private keys.
For that you will have to run the following command on your private key:
Code:
openssl rsa -in server.key -out server.key.insecure
I was getting the following error because I didn't do the step just above:
Code:
GnuTLS: Failed to Import Private Key '/my/path/to/ssl.key/server.key': (-69) ASN1 parser: Error in DER parsing.
You will be using the non passworded private key in GnuTLSKeyFile.
I would also suggest running
Code:
chmod 400 server.key
chmod 400 server.key.insecure
chmod 444 yourdomain.tld.pem
for security reasons.
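
The steps from the post above, wrapped as a shell preflight check (an added example, not part of the original post or of mod_gnutls). The function names are hypothetical; the file names are the ones the post uses.

```shell
#!/bin/sh
# Added example: checks for the files the post ends up with.
# Function names are hypothetical; file names follow the post.

# Succeeds if a PEM private key is passphrase-protected. Traditional keys
# carry "Proc-Type: 4,ENCRYPTED"; PKCS#8 uses an ENCRYPTED PRIVATE KEY header.
key_is_encrypted() {
    grep -Eq '^(Proc-Type: 4,ENCRYPTED|-----BEGIN ENCRYPTED PRIVATE KEY-----)' "$1"
}

# Write the domain certificate first and the chain bundle after it.
build_pem() {
    cert=$1; chain=$2; out=$3
    for f in "$cert" "$chain"; do
        grep -q '^-----BEGIN CERTIFICATE-----' "$f" ||
            { echo "$f: no PEM certificate found" >&2; return 1; }
    done
    rm -f "$out"
    # Add a newline if the certificate lacks one, so the PEM markers of the
    # two files do not run together on a single line.
    { cat "$cert"; [ -z "$(tail -c 1 "$cert")" ] || echo; cat "$chain"; } > "$out"
    chmod 444 "$out"
}

# Non-zero unless: key has no passphrase, key is mode 400, pem holds the chain.
preflight() {
    key=$1; pem=$2
    if key_is_encrypted "$key"; then
        echo "$key: still passphrase-protected" >&2; return 1
    fi
    [ "$(ls -ld "$key" | cut -c1-10)" = "-r--------" ] ||
        { echo "$key: mode is not 400" >&2; return 1; }
    [ "$(grep -c '^-----BEGIN CERTIFICATE-----' "$pem")" -ge 2 ] ||
        { echo "$pem: chain certificate missing" >&2; return 1; }
}

# Usage: sh preflight.sh server.key.insecure yourdomain.tld.pem
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

Running it before restarting Apache catches a key that still has its passphrase, which is the state the post associates with the DER parsing error.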