I'm getting this error message when I update my certificate as I do the usual way I'm doing with all my SSL-secured websites:
https://f.haeder.net/photos/roland/image/610952856460203e85414f8155351784
On all my other websites, like tracker.mxchange.org or this very #Friendica instance I have no trouble at all. The "base" certificate (I created locally) is already renewed. The #OpenSSL configurtation file isn't any other than the other except for the
commonName
entry set to cloud.mxchange.org
:[ CA_default ]
dir = /etc/ssl/zulu289 # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
database = $dir/zulu289.index # database index file.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/certs/ca.pem # The CA certificate
serial = $dir/zulu289.serial # The current serial number
crl = $dir/crl.pem # The current CRL
crlnumber = $dir/crlnumber # the current crl number must be
private_key = $dir/private/ca/zulu289-ca-key.pem # The private key
default_days = 3650 # how long to certify for
default_md = default
policy = policy_match
[ req ]
default_bits = 8192
default_keyfile = cloud-key.pem
distinguished_name = req_distinguished_name
[ ca ]
default_ca = CA_default
[ req_distinguished_name ]
countryName = DE
countryName_default = DE
stateOrProvinceName = Northrhine-Westphalia
stateOrProvinceName_default = Northrhine-Westphalia
localityName_default = Krefeld
0.organizationName = Roland Häder
0.organizationName_default = Roland Häder
organizationalUnitName = private
organizationalUnitName_default = private
commonName = cloud.mxchange.org
commonName_default = cloud.mxchange.org
emailAddress = webmaster@mxchange.org
emailAddress_default = webmaster@mxchange.org
#unstructuredName = An optional company name
[ server ]
basicConstraints=CA:FALSE
nsCertType = server
nsComment = "OpenSSL Generated Server Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
[ client ]
basicConstraints=CA:FALSE
nsCertType = client
nsComment = "OpenSSL Generated Client Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
I'm really out of ideas here what would have caused this.