TurnKey Linux Virtual Appliance Library

RSA server certificate is a CA certificate Error

Hi. When I look in my Apache error log, I am seeing the following error:

RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

They seem to happen around the time I try accessing my home server from work. I never get through from work and usually get a server not found error. I am using the LAMP installation in a virtual machine. How do I fix this error though?

Jeremy's picture

Not sure?

Can't say I've come across that, although I haven't combed my apache logs either. Is it an error or just a warning or even perhaps just info? Not all 'errors' are issues that you need to resolve, The problem you are having may relate to something else completely

hope this helps

It depends how you create the SSL cert. If you follow the advice on this website:

http://www.onlamp.com/2008/03/04/step-by-step-configuring-ssl-under-apac...

Then you will see the warning message above in your apache error.log file.

However, if you create the cert this way: https://devcenter.heroku.com/articles/ssl-certificate-self

Then the error message will be gone.

Essentially the error message means you have created a cert that is intended to be used to sign other certs, but you're using that cert as your SSL cert.

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)