We're setting up a new subdomain at the office and using our wildcard SSL Cert we have. I've created my key, and my csr files. I've then sent to csr file off to get our cer file, which i now have. (I will posted commands I've run further down). I've then copied the files into the /etc/ssl/private and /etc/ssl/certs folders, and updated the apache conf file, after using a2ensite for our new domain. When trying to restart apache, the following error message is displayed:
SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
Bash commands i've run so far (I have omitted out domain name):
openssl genrsa -des3 -out [domain].key 2048
openssl rsa -in star.[domain].key -out star.[domain].key.insecure
mv star.[domain].key star.[domain].key.secure
mv star.[domain].key.insecure star.[domain].key
openssl req -new -key star.[domain].key -out star.[domain].csr
When our domain was requested in the creation *.[domain] was entered, rather than star.[domain], as this is what is required by our provider. We then sent our csr file to our provider, and received our .cer back.
I copied the .cer to /etc/ssl/certs/star.[domain].cer and /etc/ssl/private/star.[domain].key and then updated the apache conf file [subdomain].[domain].conf with the following:
ServerAdmin IT@[domain]
ServerName [subdomain].[domain]
ServerAlias [subdomain].[domain]
SSLCertificateFile /etc/ssl/certs/star.[domain].cer
SSLCertificateKeyFile /etc/ssl/private/star.[domain].key
After saving and restarting apache (service apache2 restart), I am presented with the above error.
