Jonathan Stanton's picture

So on the description for LAMP stack it says "SSL support out of the box." So I setup up a micro instance and as soon as it was ready I navigated to  https://www.ave2.tklapp.com/ and immediatly I get an SSL error, fail. in Firefox it gives me this information:

 
www.ave2.tklapp.com uses an invalid security certificate.
 
The certificate is only valid for the following names:
  hub.turnkeylinux.org , www.hub.turnkeylinux.org  
 
(Error code: ssl_error_bad_cert_domain)
 
so can someone explain to me what I need to do to get SSL working? 
 
I went to my web admin and under Webmin Configuration section I clicked on SSL Encryption everything is enabled. 
 
do I need to sign up with http://cert.startcom.org/ I tried to do the Domain Name Validation Wizard and I upon typig in www.ave2.tklapp.com I was told "Please enter only the base domain in the text field without any sub domain or domain extension." fail fail fail.
 
Any thoughts?

 

Forum: 
Jonathan Stanton's picture

A little update figures out www. subdomain was never part of the deal, I retried but this time without the www and instead got this error:

 

ave2.tklapp.com uses an invalid security certificate.
 
The certificate is not trusted because it is self-signed.
The certificate is not valid for any server names.
 
(Error code: sec_error_untrusted_issuer)
Jeremy Davis's picture

If you don't want that warning you'll have to buy a certificate signed by a recognised authority.

Jonathan Stanton's picture

ok good I am glad I am not missing something, I thought it came signed by a recognised authority. in that case your other tutorials i've found online makes more sense now. Unfortuantly I already switched to heroku but I intend on switching back, because I get more control with a server I can touch.  Are there any tutorials on how to get a signed recogniesed authority SSL certified and working on a turnkey LAMP machine?

Alon Swartz's picture

This blog post should help...

Jeremy Davis's picture

I did a quick google and it looks like your thoughts re CN (Common Name) being the problem was on track. Have a look here: http://stackoverflow.com/questions/21805351/windows-7-not-accepting-self...

If you only want to import it into one Win machine. As far as I understand it should be fairly straight forward. I think you can do it directly through IE (run as admin, browse to the site and add the certificate).

For a full tutorial on start to finish I'm sure you'd find something via google. TurnKey is Debian under the hood, although for something like this I'm sure that info relating to any Debian type distro should be relevant (e.g. Ubuntu). In fact maybe and Linux distro info would be relevant? Also you could include the name of the webserver being used in your search (webserver depends on the specific appliance - although most use Apache).

Good luck and if you find something particularly useful then please post back.

Jeremy Davis's picture

FWIW Webmin has it's own built in 'mini'-server (hence why it still works when Apache down - possibly why they did it like that?)

Add new comment