I have recently purchased the ssl123 certificate from thwate.
They have provided me following files
1:x.509 certificate
2:Apache Bundle
3:intermediate CA1
I am trying to install on my server but no success here are my configuration.
Virtual Host file
<IfModule mod_ssl.c>
<VirtualHost IP:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/x.509.crt
SSLCertificateKeyFile /etc/apache2/ssl/my.key
SSLCACertificateFile /etc/apache2/ssl/intermediate.crt
ServerAdmin xyz@gmail.com
ServerName www.xyz.org
ServerAlias xyz.org
DocumentRoot /var/www/ecommerce/
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride None
</Directory>
<Directory /var/www/ecommerce/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
</<IfModule>
port.conf file
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Apache Error Log
[Thu Aug 01 11:43:58 2013] [notice] caught SIGTERM, shutting down
[Thu Aug 01 11:43:59 2013] [warn] [mod_spdy/0.9.4.1-397] [7305:7305:WARNING:mod_spdy.cc(166)] mod_spdy is insta config. SPDY will not be used by this server. See http://code.google.com/p/mod-spdy/wiki/ConfigOptions for ho
[Thu Aug 01 11:43:59 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Aug 01 11:43:59 2013] [warn] RSA server certificate CommonName (CN) `Thawte DV SSL CA' does NOT match serv
[Thu Aug 01 11:43:59 2013] [error] Unable to configure RSA server private key
[Thu Aug 01 11:43:59 2013] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_c
UPDATED CONFIG
[Thu Aug 01 13:09:03 2013] [error] Init: Multiple RSA server certificates not allowed
[Thu Aug 01 13:10:51 2013] [warn] [mod_spdy/0.9.4.1-397] [13606:13606:WARNING:mod_spdy.cc(166)] mod_spdy is installed, but has not been enabled in the Apache config. SPDY will not be used by this server. See http://code.google.com/p/mod-spdy/wiki/ConfigOptions for how to enable.
VHOST File
IfModule mod_ssl.c>
<VirtualHost IP:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/x.509.crt
SSLCertificateKeyFile /etc/apache2/ssl/my.key
SSLCACertificateFile /etc/apache2/ssl/rootcertificate.crt
ServerAdmin xyz@gmail.com
ServerName www.xyz.org
ServerAlias xyz.org
DocumentRoot /var/www/ecommerce/
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride None
</Directory>
<Directory /var/www/ecommerce/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
</<IfModule>
Best Answer
Your certificate / private key or Root CA certificate is not matching.
You are using an intermediate certificate for the parameter SSLCACertificateFile. Please switch to the correct root CA certificate which will match your kind of certificate (e.g. "Thawte Premium Server CA". Link: Thawte Root CA downloads
Btw: your apache logs seems to be truncated on the right side.