0

I bought a SSL certificate and I cannot get it to function. I get a This Connection is Untrusted error in Firefox.

I do believe it's due to my .crt file being incomplete/wrong all together. My .crt was generated using:

 openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

What I get is a big block of data. It has a begin header and a end. The reason for thinking it's incorrect is due to the example files I've browsed. Example 1, Example 2. These have a lot more information than the chunk of data that I have in my file.

Am I experiencing the issue due to my .crt file? What else could cause the error. I've tried my very best to find some answers but the answers I've found have always been not applicable or irrelevant to my issue. I have enabled SSLEngine in my .conf file and the ssl mod is enabled.

I am completely new to installing SSL certificates and I've never attempted anything like this before, just so you know.

I run on Ubuntu 14.04 64-bit on a VPS. The certificate is active and was purchased from PositiveSSL via Namecheap as I purchased my domain.

Xweque
  • 103
  • 4

1 Answers1

3

That's not how this works.
You created a self signed certificate, of course no browser will trust it.
You bought a certificate, which means you should have been sent a .crt file by your provider.

The process should be something like this.
Generate a private key: 

openssl genrsa -out domain.com.key 2048

Create a CSR: 

openssl req -new -sha256 -key domain.com.key -out domain.com.csr

Then take the domain.com.csr file, send it to your provider.
Wait until they have done their magic (also known as "charged your credit card") and receive a .crt file from them.
Install that file on your server.

faker
  • 17,496
  • 2
  • 60
  • 70