I think your confusion is in using the cakey when in fact you should use
the key that you made the cert request from for the Server Private key
directive....
eg: if you used the following two invocations of openssl....
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
...then however you get a cert from the csr...(use CA.sh or pay a real
CA, or sign.sh) . and the cert gets saved as server.crt
then the Apache conf would be:
SSLCertificateKeyFile conf/ssl.key/server.key
SSLCertificateFile conf/ssl.crt/server.crt
if I'm not making any sense, then see if the Modssl FAQ is better for
you : http://www.modssl.org/docs/2.8/ssl_faq.html#cert-real
Jeff Landers wrote:
>I am getting the key values mismatch error which seems like it should be pretty basic
>in that they don't match just like it says. However, I remade the CA, cert request,
>and signed it using the CA.sh -newca, CA.sh -newreq, and CA.sh -sign which created
>the cakey.pem and the newcert.pem. I pointed the Server Private Key directive at the
>cakey.pem and the Server Certificate directive at the newcert.pem but still get the
>mismatch error. I searched the archives for this rookie mistake but can't figure out
>what I am doing wrong. Point me in the right direction, please. Thank you everyone
>for all of the help in getting this far. Sign me...
>
>Close but no cigar.
>
>______________________________________________________________________
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
>
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
