Current time: 05-18-2022, 12:48 AM Hello There, Guest! (LoginRegister)

Post Reply 
[HowTo] Multiple SSL Certificates on a Single IP/Port using mod_gnutls
Author Message
D4rKr0W Offline

Posts: 5
Joined: Dec 2009
Reputation: 0
Post: #16
RE: [HowTo] Multiple SSL Certificates on a Single IP/Port using mod_gnutls
Excellent guide, i would like to add a couple of things since i had to go through some extra steps to get the whole thing working with a ssl certificate generated from GoDaddy.

Once you've completed the request procedure, you will be given two certificate files:
yourdomain.tld.crt and gd_bundle.crt

Merge the two files in a file called yourdomain.tld.pem, appending the chain certificate at the end of the cert issued for your domain.
The chain certificate is the one you should be setting as SSLCertificateChainFile if you were using mod_ssl.

This is the file you will be using as GnuTLSCertificateFile

Once you've done that, you will be required to create a private key file that is not password protected. mod_gnutls does not support passworded private keys.

For that you will have to run the following command on your private key:

openssl rsa -in server.key -out server.key.insecure

I was getting the following error because i didn't do the step just above:

GnuTLS: Failed to Import Private Key '/my/path/to/ssl.key/server.key': (-69) ASN1 parser: Error in DER parsing.

You will be using the non passworded private key in GnuTLSKeyFile.

I would also suggest to run

chmod 400 server.key
chmod 400 server.key.insicure
chmod 444 yourdomain.tld.pem

for security reasons.
(This post was last modified: 07-29-2010 10:48 PM by D4rKr0W.)
07-29-2010 10:35 PM
Find all posts by this user Quote this message in a reply
Post Reply 

Messages In This Thread
RE: [HowTo] Multiple SSL Certificates on a Single IP/Port using mod_gnutls - D4rKr0W - 07-29-2010 10:35 PM

Forum Jump:

User(s) browsing this thread: 1 Guest(s)