CentOS 7 - SSLCertificateChainFile directive is deprecated? Should we change this?

This warning comes up when looking at the apache startup status:
The SSLCertificateChainFile directive (ssl.conf) is deprecated, SSLCertificateFile should be used instead

Should this be SSLCertificateChainFile be swapped out for SSLCertificateFile?

Hi Justin

Yes, it sounds correct and I’ll email Iw tommorow with this thread

Many thanks

John

Hi Justin

Iw Jenna has just emailed confirming you are correct. Deprecated on Apache 2.4

Many thanks

John

Good to know, I’ve changed my ssl.conf to SSLCertificateChainFile with SSLCertificateFile and everything is running fine.

Hi! Just wanted to make an update, here, that I was able to reproduce the SSLCertificateChainFile directive error after adding a chain certificate–it did not happen by default. A bug report is now on file. Thanks for letting us know! :slight_smile:

So is changing “SSLCertificateChainFile with SSLCertificateFile” a fix for now?

Hi Justin

I believe so

If I understand Jenna correctly, the bug report is to correct the entry that is created when adding chains i.e. Set the correct directive

Many thanks

John

Yes, that is the fix. The bug report is to make that happen by default.

It appears that my file was updated, but now it has both of these? So when restarting apache you can still see that warning.