We have been using a webin/virtualmin self signed ssl with no problems. We purchased a go daddy certificate and they wont except the new csr created. After speaking with godaddy suport they said usaully only two reasons that it would be rejected for not being 2048bit or already used in the system. they also can’t give me any help with server side of problems.
I’m hoping someone can suggest some things to check out, or answers to a few dumb questions
it’s on a private dedicated server running 5.2.4-2ubuntu5.12 Apache/2.2.8 let me know if any other variables are needed.
- Do you have to remove the self signed before installing CA
- Does a CA certi need deicated IP
- We have both webmin/virtualmin both have ssl settings which one sould be used (tried both)
- From virtualmin>Manage SSL Certificate>tab Signing Request>create CSR NOW button creates a certificate request and a RSA PRIVATE KEY and seems to be a new self signed certificate. Is this where I should be creating the Signing Request (CSR) for godaddy?
Any help would be appreciated
No, you don’t have to remove the existing cert.
Whenever you go to create the CSR, one of the options is “RSA key size”. It should say there what size it’s defaulting to… is it by chance 2048? If not, you should be able to select a different size there.
Thanks for the reply yes
I have used 2048 2049 and the standard 512 as pre-fill 2048 is required by go daddy could it be a permission/write issue. or we need a upgrade? baybe some other setting or server config
What you’re doing should actually work flawlessly out of the box… you shouldn’t need to change or upgrade anything… and any permission issues would prevent the CSR from being generated at all.
It’s a bummer that they aren’t able to specifically tell you why their system is rejecting the CSR, that makes you have to do a lot of guessing as to what the problem is
The CSR you’re posting – it should begin with this line:
-----BEGIN CERTIFICATE REQUEST-----
And end with this line:
-----END CERTIFICATE REQUEST-----
The entire thing, from beginning to end, should be about 18 lines.
Does that sound like what you’re seeing?
Someone just mentioned to me that they had trouble submitting a CSR to GoDaddy which didn’t have enough info in it.
That is, when generating your CSR, make sure you fill out all the fields. I’d recommend entering something for all those fields on the CSR generation page, with the exception of “Other domain names”.
thanks eric for your help it accepted it.
added company name to department field.
included -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST-----
Think i might have been just copied between the lines.
After installing the signed ca virtualmin i have all the godaddy info in the Current Certificate tab.
the virtualmin pages all show the correct ssl secured by godaddy, but on front end all other pages still show same error as self signed ssl with www. or https://snagadeal.net. checked the Edit Virtual Server link and i have ssl enabled.
IP address and interfaces sliddown :
External IP address Same as real address (22.214.171.124)
Virtual interface None
IPv6 address None
IP address 126.96.36.199 (Non-default shared address)
Virtual interface None
our private server only has one domain configured : snagadeal.net with programs runing insubfolders.
if anybody knows any things to check or have run into this before please let me know.
please let me know if there is any server info needed.
I am having the same problem. I filled out every field and generated the key but godaddy still won’t take it. I don’t get what the problem is. Anybody know about this?