SSL, Apache, and Subdomains on a Static IP

apache-2.2 ssl wildcard

I have a static IP which gets routed requests through my firewall. This server has a wildcard SSL certificate that for some reason decided it no longer wants to work. In my httpd.conf I have the following configuration for the server:

ServerName 10.200.2.15  
NameVirtualHost 10.200.2.15:443  
Listen 10.200.2.15:443 

I have mod_ssl enabled, etc. I then have a virtual host configured:

<VirtualHost 10.200.2.15:443>  
ServerName v3.mysite.com  
ServerAdmin webmaster@example.com  
DocumentRoot "/Library/WebServer/Documents"  
DirectoryIndex index.html index.php login.jhtml  
ErrorLog "/private/var/log/httpd/error_log"  
<IfModule mod_ssl.c>  
SSLEngine On  
SSLLog "/private/var/log/httpd/ssl_engine_log"  
SSLCertificateFile "/etc/certificates/_.mysite.com.crt"  
SSLCertificateKeyFile "/etc/certificates/private.key"  
SSLCertificateChainFile "/etc/certificates/gd_bundle.crt"  
SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL"  
</IfModule>  
</VirtualHost>  

When I restart Apache, my SSL engine log states:

[info] Init: Configuring server v3.mysite.com:443 for SSL protocol
[warn] Init: (v3.mysite.com:443) RSA server certificate CommonName (CN) `*.mysite.com' does NOT match server name!?

This configuration was working fine for months, and after a restart the server refuses to serve the site over HTTPS. It times out attempting to hit it in Firefox through both the static IP and the DNS outside of the VPN. Any thoughts?

Best Answer

"RSA server certificate CommonName (CN) `*.mysite.com' does NOT match server name!? " is a normal warning when using wildcard certificates and it can safely be ignored. That isn't the reason why SSL isn't working. If you don't see any other errors in your logs, make sure that everything is forwarding port 443 properly.
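
Why the warning is harmless, as an added example (not code from the original post or from Apache): it assumes the warning comes from a plain string comparison of the certificate CN with `ServerName`, and contrasts that with the single-label wildcard matching that TLS clients apply (RFC 6125). The function names are illustrative, and the hostnames other than `v3.mysite.com` and `10.200.2.15` are constructed.

```python
import ipaddress


def is_ip_literal(host):
    """True if host is an IPv4/IPv6 address rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def literal_match(cert_name, server_name):
    """Plain comparison of CN and ServerName (assumed source of the warning)."""
    return cert_name.lower() == server_name.lower()


def wildcard_match(cert_name, host):
    """Client-style match: '*' must be the whole left-most label and
    stands for exactly one label; it never matches an IP address."""
    if is_ip_literal(host):
        return False
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = host.lower().rstrip(".").split(".")
    if len(cert_labels) != len(host_labels):
        return False              # '*' cannot span zero or several labels
    if any("*" in label for label in cert_labels[1:]):
        return False              # wildcard only allowed in the first label
    if cert_labels[1:] != host_labels[1:]:
        return False              # parent domain must be identical
    first = cert_labels[0]
    if first == "*":
        return len(cert_labels) >= 3 and host_labels[0] != ""
    if "*" in first:
        return False              # partial wildcards (e.g. 'v*') are rejected here
    return first == host_labels[0]


if __name__ == "__main__":
    cn = "*.mysite.com"           # CN from the log line in the question
    print("literal compare with ServerName:", literal_match(cn, "v3.mysite.com"))
    # Constructed names, plus the ServerName and static IP from the question.
    for name in ["v3.mysite.com", "mysite.com", "a.v3.mysite.com", "10.200.2.15"]:
        print(f"{name:18} covered by {cn}: {wildcard_match(cn, name)}")
```

The literal comparison fails for `v3.mysite.com` while the wildcard match succeeds, which is why the warning does not stop clients from validating the name. The same certificate does not cover the bare domain, deeper subdomains, or requests made directly to the IP address.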