Error while installing SSL in Apache

Question

I am following these steps for SSL :

openssl req -new -newkey rsa:2048 -nodes -keyout domain.key -out domain.crt

This works fine.

openssl req -text -noout -verify -in domain.crt

Works good.

openssl rsa -in domain.key -check

> RSA key ok writing RSA key
> -----BEGIN RSA PRIVATE KEY-----
> 
> 
> .....
> 
> 
> -----END RSA PRIVATE KEY-----

Move .key and .crt file to /etc/apache2/ssl

Open /etc/apache2/sites-available/default-ssl.conf

Add

SSLEngine on
SSLCertificateFile      /etc/apache2/ssl/domain.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain.key

Next is

sudo a2enmod ssl

sudo service apache2 restart

Error is::

[Wed Jun 13 10:48:03.690496 2018] [ssl:emerg] [pid 2536] AH02562: Failed to configure certificate 172.31.25.100:443:0 (with chain), check /etc/apache2/ssl/domain.crt
    [Wed Jun 13 10:48:03.690538 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:0906D06C:PEM routines:PEM_read_bio:no start line (Expecting: TRUSTED CERTIFICATE) -- Bad file contents or format - or even just a forgotten SSLCertificateKeyFile?
    [Wed Jun 13 10:48:03.690548 2018] [ssl:emerg] [pid 2536] SSL Library Error: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    AH00016: Configuration Failed

Answer 1

I would recommend you to install ssl automatically. You can do it this by only some codes:

sudo apt-get install git

git clone https://github.com/letsencrypt/letsencrypt

cd letsencrypt/

./letsencrypt-auto

After this it will ask you to accept the terms and if you want to redirect all traffic from http to https. so, you have to read carefully.