It is not uncommon to have files in a different format to what is required and you need to convert and even possibly extract out just the private key from a file which contains multiple things. You are going to need to look at docs for your certificate authority to understand what is the private key or how to extract/convert it to what Apache wants from what you have been given.
You want the file necessary for SSLCertificateKeyFile directive in Apache. https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatekeyfile <https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatekeyfile> Graham > On 19 Nov 2021, at 6:16 pm, Shetu <shetu...@gmail.com> wrote: > > I have the following set of keys and certificates which I got from the > certificate authority:- > > host_name.csr > server_name.crt > Intermediate-CA.pem > ROOT-CA.pem > host_name.keystore.original > host_name.keystore > > I have set the key file as the .pem file but still getting this error:- > > [Fri Nov 19 07:10:33 2021] [ip AH02203: Init: Private key not found > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D0680A8:asn1 > encoding routines:ASN1_CHECK_TLEN:wrong tag > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D08303A:asn1 > encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D0680A8:asn1 > encoding routines:ASN1_CHECK_TLEN:wrong tag > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D07803A:asn1 > encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA) > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:04093004:rsa > routines:OLD_RSA_PRIV_DECODE:RSA lib > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D0680A8:asn1 > encoding routines:ASN1_CHECK_TLEN:wrong tag > [Fri Nov 19 07:10:33 2021] [ip SSL Library Error: error:0D07803A:asn1 > encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error > (Type=PKCS8_PRIV_KEY_INFO) > [Fri Nov 19 07:10:33.592064 2021] [ssl:emerg] [pid 18369:tid 140598354167616] > AH02312: Fatal error initialising mod_ssl, exiting. > > > > On Friday, November 19, 2021 at 12:38:14 PM UTC+5:30 Graham Dumpleton wrote: > Are you sure you are using the correct file for the private key? I have never > seen a convention of the private key file having a '.keystore' extension. > Would usually be a .pem file extension. > > Graham > > >> On 19 Nov 2021, at 6:05 pm, Shetu <shet...@gmail.com >> <applewebdata://715C30FF-3814-4CDE-916C-F162141318D4>> wrote: >> > >> Getting these errors :- >> [Fri Nov 19 06:57:36 2021] [ip AH02203: Init: Private key not found >> [Fri Nov 19 06:57:36 2021] [ip SSL Library Error: error:0D07207B:asn1 >> encoding routines:ASN1_get_object:header too long >> [Fri Nov 19 06:57:36.717374 2021] [ssl:emerg] [pid 12557:tid >> 139779757414208] AH02312: Fatal error initialising mod_ssl, exiting. >> >> >> I have also added the server name in the command >> >> On Friday, November 19, 2021 at 12:10:21 PM UTC+5:30 Graham Dumpleton wrote: >> What are the error messages you are getting and where? >> >> Also be aware you must supply the --server-name option with the hostname of >> the site which matches what you set in the certificate. >> >> >>> On 19 Nov 2021, at 5:36 pm, Shetu <shet...@gmail.com <>> wrote: >>> >> >>> Hi Graham, >>> >>> I am using modwsgi express to run my Django application on mod_wsgi Apache >>> server. I am not able to start my server on https port although it works on >>> http port. >>> >>> This is the command I used to start the server(mentioned only https and ssl >>> parameters) >>> >>> ./manage.py runmodwsgi --https-only --https-port 8443 >>> --ssl-certificate-key-file /apps/django_app/keystore/server_name.keystore >>> --ssl-certificate-file /apps/django_app/keystore/server_name.crt >>> >>> Please let me know where I may be going wrong. >>> >>> Regards, >>> Shetu >>> >>> >>> >> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "modwsgi" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to modwsgi+u...@googlegroups.com <>. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/modwsgi/e7ccbe41-a58f-44db-852a-fd1e618a99bfn%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/modwsgi/e7ccbe41-a58f-44db-852a-fd1e618a99bfn%40googlegroups.com?utm_medium=email&utm_source=footer>. >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "modwsgi" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to modwsgi+u...@googlegroups.com >> <applewebdata://715C30FF-3814-4CDE-916C-F162141318D4>. > >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/modwsgi/f087841a-360e-489b-b3bd-6ff915a666dfn%40googlegroups.com >> >> <https://groups.google.com/d/msgid/modwsgi/f087841a-360e-489b-b3bd-6ff915a666dfn%40googlegroups.com?utm_medium=email&utm_source=footer>. > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to modwsgi+unsubscr...@googlegroups.com > <mailto:modwsgi+unsubscr...@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/4a18ebc9-4dd1-4c91-b0cd-08d7909197bcn%40googlegroups.com > > <https://groups.google.com/d/msgid/modwsgi/4a18ebc9-4dd1-4c91-b0cd-08d7909197bcn%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to modwsgi+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/AE6E1793-5557-452F-9FB8-92CC334F5FEE%40gmail.com.
