why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 02:34PM

the whole process runs smoothly and ends successfully, a certificate is created with a key and csr,
after implementation, a message appears on the website that the certificate is invalid because the server identity cannot be confirmed?

I used these commands

openssl genrsa -out certyficate.key 2048
openssl req -new -key certyficate.key -out certyficate.csr
openssl x509 -req -days 365 -in certyficate.csr -signkey certyficate.key -out certyficate.crt


a certificate is created with a key and csr all ok


it's also strange that in version apache2.4.54.2 to generate anything I had to create a separate folder in the main directory with the name Apache24\conf and copy the file " openssl.cnf ",
why \_*|*_/


after implementing on the server in the browser this error
net::ERR_CERT_COMMON_NAME_INVALID
but I am entering the correct name so the error must be in the server confirmation



Edited 5 time(s). Last edit at 09/05/2024 04:05PM by czujnik.

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: Otomatic (Moderator)
Date: September 05, 2024 02:48PM

This is what the help page says: Right-Click -> Help -> Wampserver 'automatic' HTTPS mode help

Browser warning because self-signed certificate
-- Mozilla Firefox
Warning: probable security risk
Advanced button: Error code: SEC_ERROR_UNKNOWN_ISSUER
Validate: Accept risk and continue.

-- Opera
Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID
Validate: Help me understand
Validate: Continue on site name (dangerous)

-- Chrome
Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID
Validate : Advanced settings
Validate : Continue to site site name (dangerous)

-- Edge
Your connection is not private
NET::ERR_CERT_AUTHORITY_INVALID
Validate : Advanced
Continue to site name (not secure)

Of course, in principle, this will only work if the 'Force strict https mode' or similar option is not enabled in the browser settings.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 03:29PM

I found an error,
it says that
"certificate cannot be confirmed with the server",
as if there was no confirmation path,
additional manual installation in trusted root certificates did not help, but I will try

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 03:31PM

it's also strange that in version apache2.4.54.2 to generate anything I had to create a separate folder in the main directory with the name Apache24\conf and copy the file " openssl.cnf "

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 03:53PM

net::ERR_CERT_COMMON_NAME_INVALID

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 04:02PM

I don't have this on my Right-Click -> Help -> Wampserver 'automatic' HTTPS mode help
apache2.4.54.2

after implementing on the server in the browser this error
net::ERR_CERT_COMMON_NAME_INVALID
but I am entering the correct name so the error must be in the server confirmation



Edited 1 time(s). Last edit at 09/05/2024 04:05PM by czujnik.

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.225.---)
Date: September 05, 2024 04:41PM

openssl req -x509 -newkey rsa:4096 -keyout self-signed.key -out self-signed.crt -sha256 -days 365 -nodes -subj "/C=PL/ST=LD/O=example.com/OU=example.com/CN=example.com" -addext "subjectAltName = DNS:example.com"

it didn't help

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: Otomatic (Moderator)
Date: September 05, 2024 04:48PM

You should think about updatingWampserver update 3.3.6
The help files contain full explanations of how to switch to HTTPS mode, both manually and automatically.

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: czujnik (104.28.193.---)
Date: September 05, 2024 04:57PM

I will install a new one on a new partition but I would really like to solve this now manually and using CMD commands or some modification of openssl files or installation in windows
It's exhausting

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: Otomatic (Moderator)
Date: September 05, 2024 05:23PM

For a detailed explanation, click here:
How to activate https SSL in Wampserver

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Options: ReplyQuote
Re: why are certificates generated using openssl invalid?
Posted by: Otomatic (Moderator)
Date: September 05, 2024 06:17PM

I've given you all the tips and documents that enabled me to switch local sites to HTTPS SSL mode with a self-signed certificate.

It's not my area of expertise to find out why there's a problem with your command line.

Eventually, you could ask the question in the forum Apachelounge

---------------------------------------------------------------
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons

Options: ReplyQuote


Sorry, only registered users may post in this forum.