Author Topic: chome on android doesn't trust letsencrypt  (Read 4525 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
chome on android doesn't trust letsencrypt
« on: April 18, 2018, 11:07:16 AM »
chome on android doesn't trust letsencrypt

hi , i,ve found the solution


change in /usr/local/apache/conf.d/vhosts-ssl.conf

in this way on every vhosts

SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
   SSLProtocol All -SSLv2 -SSLv3
   SSLCertificateFile /etc/pki/tls/certs/yourdomain.bundle
   SSLCertificateKeyFile /etc/pki/tls/private/yourdomain.key
   SSLCertificateChainFile /etc/pki/tls/certs/yourdomain.bundle
   SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

(SSLCertificateFile /etc/pki/tls/certs/yourdomain.cert becames now  SSLCertificateFile /etc/pki/tls/certs/yourdomain.bundle)


and change on CWP Configuration Templates for apache_ssl


in this way for the future ssl domail


# vhost_start DOMAIN_REPLACE
<VirtualHost IP_REPLACE:PORT_REPLACE>
   ServerName DOMAIN_REPLACE
   ServerAlias www.DOMAIN_REPLACE
   ServerAdmin webmaster@DOMAIN_REPLACE
   DocumentRoot PATH_REPLACE
   UseCanonicalName Off
   ScriptAlias /cgi-bin/ PATH_REPLACE/cgi-bin/

   # Custom settings are loaded below this line (if any exist)
   # Include "/usr/local/apache/conf/userdata/USER_REPLACE/DOMAIN_REPLACE/*.conf

   SSLEngine on
   SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
   SSLProtocol All -SSLv2 -SSLv3
   SSLCertificateFile /etc/pki/tls/certs/DOMAIN_REPLACE.bundle  ######## here i've changed ;D
   SSLCertificateKeyFile KEY_PATH/DOMAIN_REPLACE.key
   SSLCertificateChainFile /etc/pki/tls/certs/DOMAIN_REPLACE.bundle
   SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

   <IfModule mod_userdir.c>
      UserDir disabled
      UserDir enabled USER_REPLACE
   </IfModule>

   <IfModule mod_suexec.c>
      SuexecUserGroup USER_REPLACE USER_REPLACE
   </IfModule>

   <IfModule mod_suphp.c>
      suPHP_UserGroup USER_REPLACE USER_REPLACE
      suPHP_ConfigPath /home/USER_REPLACE
   </IfModule>

   <Directory "PATH_REPLACE">
      AllowOverride All
   </Directory>

</VirtualHost>
# vhost_end DOMAIN_REPLACE


thats all