Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    May 2009
    Location
    Bangalore
    Posts
    75
    Thanks
    5
    Thanked 0 Times in 0 Posts

    Question Problem in Installing the SSL certificate

    Hi All,

    I am not sure whether this is the right place to post the query related to SSL certificate installation problem but still hope to get some solution out of here.

    The problem is that I have installed apache SSL certificate but after restarting the server it is showing some Error 1. After greping the errors from error_log I found that there were two errors as mentioned below:

    1) Unable to configure RSA server private key

    2) SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

    Now as is clear from the error that there is some mismatch in the private key and the certificate but this mismatch is far from understanding as I have followed each and every step which is there in the manual.

    Can anyone help me out as this is some what urgent and due to the certificate the application is on hold.

    Thanks in advance for any help in this regard.

  • #2
    New to the CF scene
    Join Date
    Mar 2010
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Same problem

    I have the same problem.

    I regenerated at least 5 time certificate files but the error persist.

    i'm very interested by the answer !

    Code:
    <VirtualHost *:443>
    	ServerName www.domain.com
        SSLEngine On
        SSLCertificateFile E:/server/openssl/domain.cert
        #SSLCertificateFile E:/server/openssl/privkey.pem
        SSLCertificateKeyFile E:/server/openssl/domain.key
    	DocumentRoot E:/www/
    	ErrorLog E:/logs/ssl-domain.com_error.log
    	TransferLog E:/logs/ssl-domain.com_access.log
    </VirtualHost>

  • #3
    120
    120 is offline
    Regular Coder
    Join Date
    Nov 2009
    Location
    UK
    Posts
    105
    Thanks
    6
    Thanked 15 Times in 15 Posts
    How did you generate the key/cert? There is a script (CA.pl) which produces a key with a passphrase and it appears in lots of 'how to's' on SSL/TLS. Apache (and Postfix + lots of other SSL/TLS programs) can't cope with a passphrase and you get all kinds of odd errors if you create it this way. If you've produced it with something else or the cli 'openssl req -new -nodes ...' this probably won't be your issue.

    Review what you set the OU and CN to in the CERT/REQUEST and make sure it matches 'www.domain.com'. There is a subtle difference between www.domain.com and domain.com and that can break things too.

  • #4
    New Coder
    Join Date
    May 2009
    Location
    Bangalore
    Posts
    75
    Thanks
    5
    Thanked 0 Times in 0 Posts

    Issue Resolved.

    The main problem was that there is one more conf file called SSL.conf and whatever path we use to specify for the key and certificate in the http.conf needs to be set in SSl.conf also. Since the path was not set in the SSL.conf that's why it was giving the specified error.

    Still thank you all for your responses.

  • #5
    Banned
    Join Date
    Jan 2010
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    This error can be caused by an incorrect configuration. Please make sure that your Listen directives match your <VirtualHost> directives. If all else fails, please start afresh, using the default configuration provided by mod_ssl.

  • #6
    New to the CF scene
    Join Date
    Mar 2010
    Location
    www.techmafia.org
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts
    You trying it on localhost /On your machine?


    coz with webservers i dont think

    virtual host tag in htaccess will be allowed?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •