Can`t install Comodo SSL certificate on Centos7 apache2












0















I have bought Comodo PositiveSSL. Now I have certificate.key and zip-archive which is contains 4 files.



AddTrustExternalCARoot.crt, 
COMODORSADomainValidationSecureServerCA.crt,
COMODORSAAddTrustCA.crt,
my_domain_ru.crt


Firstly I`ve read that I have to join this files into one mySite.ca-build.



cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle


Secondly I saved there files into /usr/local/ssl/my_site/.



then I go to




/etc/httpd/conf.d/my_site_ru.conf




and added this



 SSLEngine On
SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle


but after



systemctl restart httpd


i got an error




Bad Request Your browser sent a request that this server could not
understand. Reason: You're speaking plain HTTP to an SSL-enabled
server port. Instead use the HTTPS scheme to access this URL, please.




if I try to open my site with https://my_domain.ru I see next




Connection is not secure











share|improve this question



























    0















    I have bought Comodo PositiveSSL. Now I have certificate.key and zip-archive which is contains 4 files.



    AddTrustExternalCARoot.crt, 
    COMODORSADomainValidationSecureServerCA.crt,
    COMODORSAAddTrustCA.crt,
    my_domain_ru.crt


    Firstly I`ve read that I have to join this files into one mySite.ca-build.



    cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle


    Secondly I saved there files into /usr/local/ssl/my_site/.



    then I go to




    /etc/httpd/conf.d/my_site_ru.conf




    and added this



     SSLEngine On
    SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
    SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
    SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle


    but after



    systemctl restart httpd


    i got an error




    Bad Request Your browser sent a request that this server could not
    understand. Reason: You're speaking plain HTTP to an SSL-enabled
    server port. Instead use the HTTPS scheme to access this URL, please.




    if I try to open my site with https://my_domain.ru I see next




    Connection is not secure











    share|improve this question

























      0












      0








      0








      I have bought Comodo PositiveSSL. Now I have certificate.key and zip-archive which is contains 4 files.



      AddTrustExternalCARoot.crt, 
      COMODORSADomainValidationSecureServerCA.crt,
      COMODORSAAddTrustCA.crt,
      my_domain_ru.crt


      Firstly I`ve read that I have to join this files into one mySite.ca-build.



      cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle


      Secondly I saved there files into /usr/local/ssl/my_site/.



      then I go to




      /etc/httpd/conf.d/my_site_ru.conf




      and added this



       SSLEngine On
      SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
      SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
      SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle


      but after



      systemctl restart httpd


      i got an error




      Bad Request Your browser sent a request that this server could not
      understand. Reason: You're speaking plain HTTP to an SSL-enabled
      server port. Instead use the HTTPS scheme to access this URL, please.




      if I try to open my site with https://my_domain.ru I see next




      Connection is not secure











      share|improve this question














      I have bought Comodo PositiveSSL. Now I have certificate.key and zip-archive which is contains 4 files.



      AddTrustExternalCARoot.crt, 
      COMODORSADomainValidationSecureServerCA.crt,
      COMODORSAAddTrustCA.crt,
      my_domain_ru.crt


      Firstly I`ve read that I have to join this files into one mySite.ca-build.



      cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle


      Secondly I saved there files into /usr/local/ssl/my_site/.



      then I go to




      /etc/httpd/conf.d/my_site_ru.conf




      and added this



       SSLEngine On
      SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
      SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
      SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle


      but after



      systemctl restart httpd


      i got an error




      Bad Request Your browser sent a request that this server could not
      understand. Reason: You're speaking plain HTTP to an SSL-enabled
      server port. Instead use the HTTPS scheme to access this URL, please.




      if I try to open my site with https://my_domain.ru I see next




      Connection is not secure








      ssl ssl-certificate centos7






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 23 '18 at 9:37









      ViktorViktor

      1851519




      1851519
























          1 Answer
          1






          active

          oldest

          votes


















          1














          You have a turned on SSL configuration on port 80, where are expected non-ssl config.



          You have to have two apache configs: one for port 80, where you will have no SSL directives and another one for port 443, where you will have SSL turned on.



          Simple example:



          <VirtualHost IP_Address:80>
          ...Some configurations here...
          </VirtualHost>
          <VirtualHost IP_Address:443>
          SSLEngine On
          SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
          SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
          SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
          ... another configuration, such as ServerName, DocumentRoot, etc. ...
          </VirtualHost>





          share|improve this answer
























          • If i added two virtual hosts to my_site.conf I can't restart httpd

            – Viktor
            Nov 23 '18 at 9:58













          • 1) Check your logs. 2) Check your apache config with apachectl -t command.

            – Jan Marek
            Nov 23 '18 at 10:02













          • Thanks man! It`s works!

            – Viktor
            Nov 23 '18 at 10:15












          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53444029%2fcant-install-comodo-ssl-certificate-on-centos7-apache2%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          You have a turned on SSL configuration on port 80, where are expected non-ssl config.



          You have to have two apache configs: one for port 80, where you will have no SSL directives and another one for port 443, where you will have SSL turned on.



          Simple example:



          <VirtualHost IP_Address:80>
          ...Some configurations here...
          </VirtualHost>
          <VirtualHost IP_Address:443>
          SSLEngine On
          SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
          SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
          SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
          ... another configuration, such as ServerName, DocumentRoot, etc. ...
          </VirtualHost>





          share|improve this answer
























          • If i added two virtual hosts to my_site.conf I can't restart httpd

            – Viktor
            Nov 23 '18 at 9:58













          • 1) Check your logs. 2) Check your apache config with apachectl -t command.

            – Jan Marek
            Nov 23 '18 at 10:02













          • Thanks man! It`s works!

            – Viktor
            Nov 23 '18 at 10:15
















          1














          You have a turned on SSL configuration on port 80, where are expected non-ssl config.



          You have to have two apache configs: one for port 80, where you will have no SSL directives and another one for port 443, where you will have SSL turned on.



          Simple example:



          <VirtualHost IP_Address:80>
          ...Some configurations here...
          </VirtualHost>
          <VirtualHost IP_Address:443>
          SSLEngine On
          SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
          SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
          SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
          ... another configuration, such as ServerName, DocumentRoot, etc. ...
          </VirtualHost>





          share|improve this answer
























          • If i added two virtual hosts to my_site.conf I can't restart httpd

            – Viktor
            Nov 23 '18 at 9:58













          • 1) Check your logs. 2) Check your apache config with apachectl -t command.

            – Jan Marek
            Nov 23 '18 at 10:02













          • Thanks man! It`s works!

            – Viktor
            Nov 23 '18 at 10:15














          1












          1








          1







          You have a turned on SSL configuration on port 80, where are expected non-ssl config.



          You have to have two apache configs: one for port 80, where you will have no SSL directives and another one for port 443, where you will have SSL turned on.



          Simple example:



          <VirtualHost IP_Address:80>
          ...Some configurations here...
          </VirtualHost>
          <VirtualHost IP_Address:443>
          SSLEngine On
          SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
          SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
          SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
          ... another configuration, such as ServerName, DocumentRoot, etc. ...
          </VirtualHost>





          share|improve this answer













          You have a turned on SSL configuration on port 80, where are expected non-ssl config.



          You have to have two apache configs: one for port 80, where you will have no SSL directives and another one for port 443, where you will have SSL turned on.



          Simple example:



          <VirtualHost IP_Address:80>
          ...Some configurations here...
          </VirtualHost>
          <VirtualHost IP_Address:443>
          SSLEngine On
          SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
          SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
          SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
          ... another configuration, such as ServerName, DocumentRoot, etc. ...
          </VirtualHost>






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 23 '18 at 9:48









          Jan MarekJan Marek

          6,52321518




          6,52321518













          • If i added two virtual hosts to my_site.conf I can't restart httpd

            – Viktor
            Nov 23 '18 at 9:58













          • 1) Check your logs. 2) Check your apache config with apachectl -t command.

            – Jan Marek
            Nov 23 '18 at 10:02













          • Thanks man! It`s works!

            – Viktor
            Nov 23 '18 at 10:15



















          • If i added two virtual hosts to my_site.conf I can't restart httpd

            – Viktor
            Nov 23 '18 at 9:58













          • 1) Check your logs. 2) Check your apache config with apachectl -t command.

            – Jan Marek
            Nov 23 '18 at 10:02













          • Thanks man! It`s works!

            – Viktor
            Nov 23 '18 at 10:15

















          If i added two virtual hosts to my_site.conf I can't restart httpd

          – Viktor
          Nov 23 '18 at 9:58







          If i added two virtual hosts to my_site.conf I can't restart httpd

          – Viktor
          Nov 23 '18 at 9:58















          1) Check your logs. 2) Check your apache config with apachectl -t command.

          – Jan Marek
          Nov 23 '18 at 10:02







          1) Check your logs. 2) Check your apache config with apachectl -t command.

          – Jan Marek
          Nov 23 '18 at 10:02















          Thanks man! It`s works!

          – Viktor
          Nov 23 '18 at 10:15





          Thanks man! It`s works!

          – Viktor
          Nov 23 '18 at 10:15




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53444029%2fcant-install-comodo-ssl-certificate-on-centos7-apache2%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          "Incorrect syntax near the keyword 'ON'. (on update cascade, on delete cascade,)

          Alcedinidae

          Origin of the phrase “under your belt”?