[Tue Mar 01 17:29:01.443730 2016] [:error] [pid 12834] Misconfiguration of certificate's CN and virtual name. The certificate CN has mail.[domain.com]. We expected www.[domain.com] as virtual name.
是我按照下面链接的指南后收到的错误。我已经重新创建了 3 次证书,以防万一我搞砸了并且不小心放入了邮件。但三次都返回相同的错误。我绝对不会输入 mail.[domain.com]。
http://www.howtoing.com/create-apache-https-self-signed-certificate-using-nss/2/
这是我一直遵循的指南。我对处理证书和安全性比较陌生,这都是一个学习过程。我想这是我所忽略的非常简单和简单的事情。
我查看了 apache 配置文件以确保一切正确。我唯一能想象到的是,我之前在那里安装了一个 dovecot,我还为其创建了密钥,但是我已经从服务器中删除了 dovecot,这并不能解释为什么 apache 会使用这些证书而不是我的证书。我是按照本指南创建的。
我已经搜索了好几个小时来解决这个问题,但与这个错误信息相关的信息很少,更不用说我具体遇到的问题了。
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
00:a5:9f:f1:2e
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Issuer: "CN=allthingscomputing.co.uk,OU=Web evelopment,O=Ace Computer
s,L=Morecambe,ST=Lancashire,C=GB"
Validity:
Not Before: Tue Mar 01 16:48:48 2016
Not After : Wed Mar 01 16:48:48 2017
Subject: "CN=allthingscomputing.co.uk,OU=Web evelopment,O=Ace Compute
rs,L=Morecambe,ST=Lancashire,C=GB"
Subject Public Key Info:
Public Key Algorithm: PKCS #1 RSA Encryption
RSA Public Key:
Modulus:
d5:4b:d2:68:da:8d:e8:fe:65:3f:b5:3d:9a:65:29:c7:
fb:1c:c2:36:09:8a:9c:67:0a:81:ff:75:83:45:26:b4:
72:33:41:54:98:42:a4:be:eb:43:12:5d:b0:9f:5e:81:
e6:45:d0:08:50:ff:36:c7:8a:5c:7d:21:80:1c:3a:c3:
4f:bf:ed:b6:09:7f:cc:13:75:4d:39:c9:be:16:22:83:
a4:ef:ff:e1:2f:ed:d9:7a:0f:fd:6e:0e:6c:a9:9b:d3:
e3:fb:f9:aa:8e:de:39:81:1b:c1:84:ce:b6:59:58:b0:
1e:d3:f6:89:04:e3:48:52:b3:c7:41:da:e9:37:58:a4:
0a:5c:02:ea:ac:82:7a:68:1a:07:a9:08:4d:17:56:4d:
e7:41:a0:02:33:85:a9:40:79:35:28:59:15:f7:7b:05:
01:be:82:21:84:09:20:06:96:55:04:e4:bb:25:3d:02:
d7:5b:cb:3b:25:e1:56:00:1f:5f:03:3f:c1:64:29:88:
1f:be:ad:51:27:18:ee:cf:c5:f4:72:5d:4b:ad:99:a4:
19:fd:91:a1:38:75:20:87:f2:bd:cb:ad:82:25:f4:62:
45:4c:ac:d2:93:e3:df:64:01:82:bc:76:b4:94:60:b6:
db:f1:57:6b:a7:9e:11:df:0c:47:68:55:3e:b1:e4:8f
Exponent: 65537 (0x10001)
Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
Signature:
d4:bc:ad:af:9d:30:17:f8:07:ea:0b:f8:bc:de:d5:32:
c0:7e:c2:7b:b8:00:4f:b8:c4:c2:a1:00:25:3a:fb:b9:
aa:77:d7:0a:eb:37:8a:fe:26:96:7b:59:7d:8c:74:18:
a1:1e:e6:1c:a4:d7:e3:5d:0d:c4:7f:f3:a9:a7:40:25:
ab:14:dc:01:8b:7f:ad:dd:f3:f4:30:c6:ef:37:06:eb:
04:8a:b9:49:72:7f:37:cd:d4:1b:fe:e0:ee:9d:98:65:
55:c4:82:a5:44:e1:7e:ca:c3:96:e5:52:45:e8:b7:06:
b3:c3:73:92:15:25:00:fa:08:55:36:b2:62:eb:79:a4:
5b:a0:c4:9e:cd:85:1b:f8:fb:69:6b:74:91:3a:ea:2f:
13:19:5f:ee:8d:fd:84:09:90:14:31:d6:f4:6d:04:49:
de:9f:9b:95:64:02:63:30:23:1c:42:5d:7e:e4:83:1e:
74:67:6f:25:9d:73:cd:d8:a5:61:9e:1c:63:84:cc:d8:
90:ef:50:b9:8f:92:a9:07:cc:a5:b1:83:ea:5c:a8:e9:
4c:62:e5:3a:8e:e1:d3:8a:65:fb:67:59:74:6b:6f:20:
76:5b:a1:53:ff:d1:c4:05:70:87:1c:24:d3:e6:2c:d7:
af:80:15:8d:07:c1:5e:63:9c:69:92:ff:f1:69:a0:eb
Fingerprint (SHA-256):
8F:31:F9:13:86:B7:F3:98:6A:D9:2A:63:26:38:D2:63:AF:B9:1E:96:89:80:9A:48:94:45:B5:FA:6D:40:36:B7
Fingerprint (SHA1):
C1:8B:E6:BD:AD:CA:6C:0C:6F:90:2F:EE:19:2F:92:EA:B2:18:E1:DD
Certificate Trust Flags:
SSL Flags:
User
Email Flags:
User
Object Signing Flags:
User
答案1
经过几个小时的痛苦之后我自己找到了答案。它实际上是 mod_nss 在安装时创建的服务器证书,而不是错误配置的。
我从数据库中删除了所有密钥,并从头开始单独重新创建了所需的密钥(似乎是 2 个,一个以主机名作为 CN,一个以域作为 CN)。