I’ve just installed a wildcard SSL certificate (GoDaddy) in the main domain of our VirtualMin Pro server. Everything looks good as far as I can see in the VirtualMin interface.
Yet when I try to access the https:// website, I get the warning about the old self-signed certificate. I’ve restarted Apache and dug around a bit but I’m not an Apache config guru.
Could somebody point me in a likely direction? Let me know if more info is needed and I’ll provide it.
(Replying to my own messsage, which is pretty typical of me.)
Turns out I found the solution.
The file “/etc/httpd/conf.d/ssl.conf” was referencing the old self signed certificate and key. At first I tried just commenting out the relevant line but Apache wouldn’t start up when I did so I replaced the references to the self signed stuff to references to the new certificate files:
Now going to the https:// address works correctly. I’m assuming that the config in this file is global to the entire Apache server but since I’ll only have one SSL certificate on the server, I don’t think this would have a big impact. Please let me know if I’m wrong! (Or give me what the “proper” way to do it would be.)
Now I have another problem though. I enabled SSL on one of the site’s subservers (which is on a subdomain, therefore covered by the wildcard certificate). When I go to “https://sub.mysite.com”, I end up on “http://www.mysite.com”. (I wouldn’t have been surprised to end up on the secure version of the site, but to be kicked to the non-secure site is a little weird…) Not sure where that’s coming from…
As before I’d be grateful for any help. Thanks.