Installing SSL Certificate

[riderryuken]

SELinux is actually disabled.

[mizzle]

Also, you might have some problem in one of your config files. Try stopping apache and restarting it. If there is a problem, apache will fail to start and complain about why (which should lead you to the problem).

Also, check the logs for any helpful information at /var/log/httpd/error.log

[riderryuken]

Replying with apachectl restart works fine.

The log says this minus a few repeated lines about the syntax error being erased:

[Wed Feb 13 16:22:59 2013] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Feb 13 16:22:59 2013] [notice] Digest: generating secret for digest authentication ...
[Wed Feb 13 16:22:59 2013] [notice] Digest: done
[Wed Feb 13 16:22:59 2013] [warn] pid file /etc/httpd/run/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed Feb 13 16:22:59 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations
PHP: syntax error, unexpected '&' in /etc/php.ini on line 114
[Wed Feb 13 16:23:01 2013] [notice] SIGHUP received. Attempting to restart
[Wed Feb 13 16:23:01 2013] [notice] Digest: generating secret for digest authentication ...
[Wed Feb 13 16:23:01 2013] [notice] Digest: done
[Wed Feb 13 16:23:02 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations
[Wed Feb 13 16:35:37 2013] [error] [client 180.76.5.167] File does not exist: /var/www/html/its/robots.txt
PHP: syntax error, unexpected '&' in /etc/php.ini on line 114
[Wed Feb 13 16:43:33 2013] [notice] SIGHUP received. Attempting to restart
[Wed Feb 13 16:43:33 2013] [notice] Digest: generating secret for digest authentication ...
[Wed Feb 13 16:43:33 2013] [notice] Digest: done
[Wed Feb 13 16:43:33 2013] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured -- resuming normal operations

[mizzle]

Replying with apachectl restart works fine.

Do you mean to say it's working now?

[riderryuken]

No sorry. I meant I can restart with no errors or warnings that way.

[mizzle]

Right. Try fully stopping apache with
service httpd stop
And then restarting it
service httpd start

Sometimes this will uncover errors that will not show during 'restart'
Also, make sure you're trying to access the site via whatever hostname is used in your cert, and that same name is set correctly in your virtual host .conf file
ServerName example.org

[riderryuken]

No issues initially, but I did discover (I didn't set this server up. I inherited it) that there is an ssl.conf file and an httpd.conf file that both have this line

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

I changed it to the new key in the httpd.conf and everything was fine. When I changed it in ssl.conf it broke again.


Also I think I may have reran the generic key making process after I got the files from register.com with their key. Would that affect anything?

[mizzle]

Well, it would over write your register.com ssl with another self signed one, if you did those steps again.

[riderryuken]

I couldn't remember if I had to submit part of that to them for the creation of the certificate and if that would mess things up by redoing it.

[mizzle]

Their FAQ that you linked to said that

Note: Your private key is a file created when you generated your CSR. If you had Register.com create your CSR for you, your Private Key will be available for download along with your Certificate(s).

So, you might be able to download it from them.