내 서버와 클라이언트 간의 통신을 암호화하기 위해 자체 서명된 인증서를 만들고 싶습니다.
OpenSSL을 사용하여 단일 명령으로 자체 서명된 키와 인증서 쌍을 생성하고 있습니다.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
하지만 로그에서 다음을 볼 수 있습니다.
[Mon Sep 27 13:42:01.478245 2021] [ssl:error] [pid 1344:tid 139789990751552] AH02604: Unable to configure certificate 176.57.122.225:443:0 for stapling
[Mon Sep 27 13:42:01.485956 2021] [ssl:warn] [pid 1345:tid 139789990751552] AH01906: 176.57.122.225:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Sep 27 13:42:01.486039 2021] [ssl:error] [pid 1345:tid 139789990751552] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=176.57.122.225,OU=discoter,O=discoter,L=Brux
elles,ST=Bruxelles,C=BE / issuer: CN=176.57.122.225,OU=discoter,O=discoter,L=Bruxelles,ST=Bruxelles,C=BE / serial: 2AD0C83CF40FCE881CCF862D5D1372957C7C3DF6 / notbefore: Sep 27 13:41:36 2021 GMT / notaft
er: Sep 27 13:41:36 2022 GMT]
[Mon Sep 27 13:42:01.486045 2021] [ssl:error] [pid 1345:tid 139789990751552] AH02604: Unable to configure certificate 176.57.122.225:443:0 for stapling
그리고
more /etc/apache2/sites-available/default-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName 176.58.122.XXX
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>