My manager purchased a wildcard certificate from GoDaddy for our Ubuntu 12.04 server that runs multiple sites (i.e., *.webapps.com). He gave me these two files that he said GoDaddy generated as he was creating the wildcard certificate on the GoDaddy site:
godaddy-webappscom-csr.txt
-----BEGIN CERTIFICATE REQUEST-----
MIICVzCCAUECAQAwFjEUMBIGA1UEAwwLKi5mc2hhYy5jb20wggEiMA0GCSqGSIb3
.
.
.
8HHZhgoX9sGkiBaTsOsvztQ1KI7MU5TwvDM6
-----END CERTIFICATE REQUEST-----
godaddy-webappscom-private-key.txt
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDRIPKTSeS8Gpr6
.
.
.
touJYN3mbktmwUD3N1cW5w==
-----END PRIVATE KEY-----
I have never set up a wildcard certificate, but I tried setting up the certificate as follows:
- Logged on to the GoDaddy site and downloaded the certificate zip file for Ubuntu running Apache.
- Extracted the contents of the cert zip file, which included the following files:
  - bc8153615e8dec48.crt
  - bc8153615e8dec48.pem
  - gd_bundle-g2-g1.crt
- To get the private key file, I renamed the file godaddy-webappscom-private-key.txt to godaddy-webappscom.key. Not sure if that is what I am supposed to do.
- I created the directory structure below and moved the files there.

    /etc/apache2/ssl
    |
    +- gd_bundle-g2-g1.crt
    |
    +- certs
    |  |
    |  +- bc8153615e8dec48.crt
    |
    +- private
       |
       +- godaddy-webappscom-csr.txt
       +- godaddy-webappscom.key

- Configured the virtualhost file:

    <VirtualHost 192.168.70.60:443>
        DocumentRoot /var/www/forms.webapps.com
        ServerName forms.webapps.com
        SSLEngine on
        SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
        SSLCertificateFile /etc/apache2/ssl/certs/bc8153615e8dec48.crt
        SSLCertificateKeyFile /etc/apache2/ssl/private/godaddy-webappscom.key
        SSLCertificateChainFile /etc/apache2/ssl/gd_bundle-g2-g1.crt
    </VirtualHost>

- When I restart Apache, I open a browser and go to the site https://forms.webapps.com, but it doesn't come up. The browser says that the site may be down or a proxy may be blocking it. Checking the ssl.log file, I see the following:
[Thu Mar 16 15:47:28 2023] [error] Init: Private key not found
[Thu Mar 16 15:47:28 2023] [error] SSL Library Error: 218570875 error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
Normally, when I create a cert, I create the key file with openssl and then create the CSR file from the key and submit it to GoDaddy. I then download the cert and install it. But it has always been done on one site, not for multiple sites with one cert.
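
A way to check the renamed key file against the two log errors above, added here as an example and not part of the original post: a common cause of that error pair is a key file OpenSSL cannot read as PEM (a byte order mark or UTF-16 text left by a web download or text editor), and a separate failure is a key that does not belong to the certificate. The function names are this example's own, and the openssl command-line tool is assumed to be installed for the second check.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# the key and certificate paths are whatever the caller passes in.

# pem_encoding_ok FILE
# Succeeds only if FILE starts, byte for byte, with an ASCII "-----BEGIN ...-----"
# line. A UTF-8 byte order mark or UTF-16 text in front of the header stops
# OpenSSL from recognising the file as PEM.
pem_encoding_ok() {
    pem_first=$(od -An -tx1 -N3 "$1" | tr -d ' \n')
    case $pem_first in
        efbbbf)      echo "$1: UTF-8 byte order mark before the PEM header"; return 1 ;;
        fffe*|feff*) echo "$1: UTF-16 text (byte order mark present)"; return 1 ;;
        2d00*|002d*) echo "$1: UTF-16 text (no byte order mark)"; return 1 ;;
    esac
    # Tolerate CRLF line endings, but require the header on the very first line.
    if ! head -n 1 "$1" | tr -d '\r' | grep -q '^-----BEGIN [A-Z ]*-----$'; then
        echo "$1: first line is not a PEM BEGIN header"
        return 1
    fi
    return 0
}

# same_public_key KEY CERT
# Succeeds if the private key and the certificate carry the same public key.
# Returns 2 if openssl cannot parse either file.
same_public_key() {
    spk_key=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    spk_crt=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$spk_key" ] && [ "$spk_key" = "$spk_crt" ]
}

# Run both checks when called as: sh check-key.sh KEY CERT
if [ "$#" -eq 2 ]; then
    if pem_encoding_ok "$1" && pem_encoding_ok "$2" && same_public_key "$1" "$2"; then
        echo "key is plain PEM and matches the certificate"
    else
        echo "check failed: fix the key file before restarting Apache"
    fi
fi
```

The same comparison works for the CSR by replacing the `openssl x509 -noout -pubkey` call with `openssl req -noout -pubkey`.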