See server name according to SSL certificates

Question

I have a problem installing the SSL certificates. The problem i think the server name doesn't match the certificate's server name.

Here the exact Apache problem:

[Wed Oct 02 18:33:23 2013] [warn] RSA server certificate CommonName (CN) `name1.name2.fr' does NOT match server name!?
[Wed Oct 02 18:33:23 2013] [error] Unable to configure RSA server private key
[Wed Oct 02 18:33:23 2013] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Wed Oct 02 18:34:00 2013] [warn] RSA server certificate CommonName (CN) `name1.name2.fr' does NOT match server name!?
[Wed Oct 02 18:34:00 2013] [error] Unable to configure RSA server private key
[Wed Oct 02 18:34:00 2013] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch 

We use RHEL 6. How can i see the server name and how to change it ?

Thanks in advance.

Answer 1

You have to set the Server's DNS name first:

so perform the command
$ sudo gksu gedit  /etc/hostname  to edit the hostname file
add the line www.example.com

$ sudo  /etc/hosts and add the line:
127.0.0.1   www.example.com localhost

After that make sure to use that domain name in creating or signing the certificate

Answer 2

I had this warning in ssl_error_log:

[Wed Dec 11 14:02:41 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Dec 11 14:02:41 2013] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?

It is because that mod_ssl in CentOS (5.10) came with a default virtualhost which will use the default cert in /etc/pki/tls/certs/localhost.crt....

I removed the virtualhost section in conf.d/ssl.conf and the warning disappeared after reloading apache.