A client of ours just renewed his ssl certificate. When we installed the new cert, apache gave the old:
saero44 ~> tail /usr/local/apache/logs/error_log [Fri Oct 26 14:27:36 2007] [error] ApacheSSLSetCertStuff failed [Fri Oct 26 14:28:11 2007] [crit] unable to set private key [Fri Oct 26 14:28:11 2007] [crit] error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch [Fri Oct 26 14:28:11 2007] [error] ApacheSSLSetCertStuff failed [Fri Oct 26 14:28:23 2007] [crit] unable to set private key [Fri Oct 26 14:28:23 2007] [crit] error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch [Fri Oct 26 14:28:23 2007] [error] ApacheSSLSetCertStuff failed [Fri Oct 26 14:40:20 2007] [crit] unable to set private key [Fri Oct 26 14:40:20 2007] [crit] error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch [Fri Oct 26 14:40:20 2007] [error] ApacheSSLSetCertStuff failed Here are the ssl directives from httpd.conf SSLCertificateFile /home/spectrum/ssl/secure.spectrum.aero.crt SSLCertificateKeyFile /home/spectrum/ssl/secure.spectrum.aero.key #SSLCertificateChainFile /home/spectrum/ssl/secure.spectrum.aero.ca-bundle SSLCACertificateFile /home/spectrum/ssl/secure.spectrum.aero.ca-bundle ...and to make sure that the keys match... saero44 ~> openssl rsa -noout -modulus -in /home/spectrum/ssl/secure.spectrum.aero.key | openssl md5 bc8baf22c8619f29632dee48a4003ece saero44 ~> openssl x509 -noout -modulus -in /home/spectrum/ssl/secure.spectrum.aero.crt | openssl md5 bc8baf22c8619f29632dee48a4003ece saero44 ~> When we point the server back to the old certificates, it starts w/o errors. I'm stumped. Ideas, anyone? lh.. http://www.trustix.org/
