Rubin Shrestha
Zend certified PHP/Magento developer
Rubin Shrestha
Blog

Godaddy wildcard certificate installation on ubuntu 12.04 server running multiple sites

by |Published

My manager purchased a wildcard certificate from godaddy for our ubuntu 12.04 server that runs multiple sites(i.e, *.webapps.com). He gave me these two files that he said godaddy generated as he was creating the wild card certificate on the godaddy site:

godaddy-webappscom-csr.txt

-----BEGIN CERTIFICATE REQUEST-----
MIICVzCCAUECAQAwFjEUMBIGA1UEAwwLKi5mc2hhYy5jb20wggEiMA0GCSqGSIb3
.
.
.    
8HHZhgoX9sGkiBaTsOsvztQ1KI7MU5TwvDM6
-----END CERTIFICATE REQUEST-----

godaddy-webappscom-private-key.txt

-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDRIPKTSeS8Gpr6
.
.
.
touJYN3mbktmwUD3N1cW5w==
-----END PRIVATE KEY-----

I have never setup a wildcard certificate but I tried setting up the certificate as follows:

  • Logged on to godaddy site and downloaded certificate zip file for
    ubuntu running apache

  • Extracted contents of cert zip file, included the following files:

    • bc8153615e8dec48.crt
    • bc8153615e8dec48.pem
    • gd_bundle-g2-g1.crt

  • To get the private key file, I renamed the file
    godaddy-webappscom-private-key.txt to godaddy-webappscom.key. Not
    sure if that is what I am supposed to do.

  • I created the directory structure below, and moved files there.

    /etc/apache2/ssl
                  |
                  +-  gd_bundle-g2-g1.crt
                  |
                  +- certs
                  |      |
                  |      + - bc8153615e8dec48.crt
                  |
                  +- private
                           |
                           +- godaddy-webappscom-csr.txt
                           +- godaddy-webappscom.key

  • Configured virtualhost file

     <VirtualHost 192.168.70.60:443>
   DocumentRoot /var/www/forms.webapps.com
   ServerName forms.webapps.com
   SSLEngine on
   SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
   SSLCertificateFile /etc/apache2/ssl/certs/bc8153615e8dec48.crt
   SSLCertificateKeyFile /etc/apache2/ssl/private/godaddy-webappscom.key
   SSLCertificateChainFile /etc/apache2/ssl/gd_bundle-g2-g1.crt
</VirtualHost>

  • When I restart apache, I open a browser and go to site
    https://forms.webapps.com but it doesn’t come up. The browser says
    that the site may be down or a proxy may be blocking it. Checking the
    ssl.log file, i see the following:

[Thu Mar 16 15:47:28 2023] [error] Init: Private key not found
[Thu Mar 16 15:47:28 2023] [error] SSL Library Error: 218570875 error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long

Normally, when I create a cert, I create the key file with openssl and then create the csr file from the key and submit it to godaddy. I then download cert and install it. But, it has always been done on one site not for multiple sites with one cert.

You may also like