Hello,
I am in desperate need of some help!
I have requested a new certificate from Verisign, however it doesn't
seem to work! I get the error when starting Apache..
Unable to configure RSA server private key (OpenSSL library error follows)
OpenSSL: error:0B080074:x509 certificate
routines:X509_check_private_key:key values mismatch
httpd.conf does nto start, only httpd_pls.conf starts
To test the issue, I created a new csr file to send them for a trial
certificate, based on the current apache_1024.key file but it still
doesn't work!
I checked everywhere and found the same comments..
"basically say that the private key does not match the certificate."
I ran a couple of commands to compare the 2 based on all the hits I got....
"
You can check to make sure that you your private key and certificate are
in the correct format and match each other. To do this, give the
commands below to decrypt the private key in one terminal window and
decrypt the certificate in the other. What you will be comparing are the
Modulus and the Exponent of each key. If the modulus and exponent from
the key matches the set from the certificate, you have just confirmed
that your certificate and key are correctly paired.
If all else fails, create a new private key, CSR or self-signed
certificate. Before you do this, check your CA's re-issue policy. You
may be charged for a re-issue.
To view the contents of the certificate:
|openssl x509 -noout -text -in filename.crt
|
To view the contents of the private key:
|openssl rsa -noout -text -in filename.key"
| $OPENSSL_TOP/bin/openssl x509 -noout -text -in apache_1024.crt
Modulus (1024 bit):
00:c2:4d:20:ed:a1:87:44:33:af:1e:28:c6:2d:e7:
63:bd:25:b4:2e:ad:84:21:55:ec:1a:aa:99:61:45:
66:10:8d:4d:17:16:2d:cc:ac:a8:1c:4e:08:4d:7b:
24:e4:d0:7d:f8:cb:5b:23:e1:8f:48:f7:0d:96:4e:
3d:d8:50:32:ee:10:9c:44:32:cf:1e:74:1a:3d:37:
a0:06:87:dc:db:7a:9f:e7:9a:70:4a:fb:e8:81:f2:
43:17:be:99:ce:ce:10:29:05:64:c6:01:8e:d3:a3:
33:34:89:cf:ad:aa:b7:69:ab:c0:75:d2:aa:0a:f3:
59:b8:ec:19:bd:73:56:b8:15
Exponent: 65537 (0x10001)
$OPENSSL_TOP/bin/openssl rsa -noout -text -in apache_1024.key
modulus:
00:c2:4d:20:ed:a1:87:44:33:af:1e:28:c6:2d:e7:
63:bd:25:b4:2e:ad:84:21:55:ec:1a:aa:99:61:45:
66:10:8d:4d:17:16:2d:cc:ac:a8:1c:4e:08:4d:7b:
24:e4:d0:7d:f8:cb:5b:23:e1:8f:48:f7:0d:96:4e:
3d:d8:50:32:ee:10:9c:44:32:cf:1e:74:1a:3d:37:
a0:06:87:dc:db:7a:9f:e7:9a:70:4a:fb:e8:81:f2:
43:17:be:99:ce:ce:10:29:05:64:c6:01:8e:d3:a3:
33:34:89:cf:ad:aa:b7:69:ab:c0:75:d2:aa:0a:f3:
59:b8:ec:19:bd:73:56:b8:15
publicExponent: 65537 (0x10001)
These match!!!!!!
So why does it say mismatch??
Am I comparing the right files?
If they match, it does not say what I can check next.
Any suggestions please???
Kind Regards,
Adriana Dalley
-
