SSL Certificate Warning

(2014-01-20)

Problem

Email:

################# SSL Certificate Warning ################

  Certificate for hostname 'computer.domain', in file (or by nickname):
     /etc/pki/tls/certs/localhost.crt

  The certificate needs to be renewed; this can be done
  using the 'genkey' program.

  Browsers will not be able to correctly connect to this
  web site using SSL until the certificate is renewed.

 ##########################################################
                                  Generated by certwatch(1)

Solution

Run these commands and fill out the prompts accordingly (or let the defaults blank):

# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /etc/pki/tls/certs/server.crt -keyout /etc/pki/tls/private/server.key
# chmod 600 /etc/pki/tls/certs/server.crt
# chmod 600 /etc/pki/tls/private/server.key
# systemctl restart httpd

Commentary

If you ignore this message, and let the cert expire, nothing bad will happen immediately (presuming of course your users are already ignoring the "warnings" about the self-signed cert or you are not using SSL at all). However the next time httpd is bounced (manually, yum updates, or a system reboot) httpd won't start and the error message it gives you will be obscure.

Creating Custom Kernel RPMs

Dovecott: Internal Login Failure

End Of Life Repository Access

I2O RAID Controller

NFS Support

Permitting rdate access

SCSI Device Names And Bus IDs

Updating to PHP 5

Building Subversion 1.85

kickstart POST nfs mount

NFS File Creation Cache Problems

NVidia Multihead

Process Accounting

Remote X Display

rssh

SCSI Bus Rescan

SquirrelMail: Users Can't Log In

SSL Certificate Warning

TCP Window Scaling

Unexpected CUPS dependencies

X Display Through SSH

Yum barf when updating package 'file'

0x80070035 the network path was not found

bind always returns SERVFAIL

Client nis Setup

Disable IPv6

Dummy Cert Expired

Firefox Java Plugin

Force NFS v3 Mounts

Ignore Host-ID

Install VMware Tools Yum Repository

Kickstart Ethernet Devices

Leap Second

makeinfo build error

Minimal Install Can't Mount NFS Homedirs

mod_fastcgi

netdisco-1.1-1.el6.noarch

nfs v4: Nobody Ownership

Remove Host ID

Revert To eth Device Names

Samba full_audit

SElinux SSH Pubkey Bug

slow ssh connections

VM Optimizations

winbind

ypbind won't bind to anything

Active Directory with SSSD

arp

Auto SSH Agent

DSA SSH Hostkeys

Get Sendmail To Listen On 25, 425, and 587

grub parameters

hostname

Install Grub

journalctl

Passwordless SSH On NFS Home Dirs

PHP 7

slow ssh connections

SSH no matching cypher

SSL Certificate Warning

Start Interface With No IP Address

systemd

Test Sendmail TLS Certificate

tftp-server

Unban IP Address

VM Interface Bouncing

vsftp: 500 OOPS: chroot

docker

failed to load driver: swrast

Find Transparent Proxy Systems

Installing From The Vault

TCP Tuning for 10G

TCP Tuning for iperf3

Unifi Controller

Upgrading Remi PHP

Hyper-V Integration

sudo without password

Veeam Connection Error

DHCP Reservation Not Working

firewalld