SSL Library Error: X509_check_private_key:key values mismatch
I had more than one vhost file with SSL enabled.
The second host I didn't care about matching the domain because it was for private use. If you have more than one vhost with ssl on a single IP, you have to update the certificates in all of them at the same time, apparently.
Related videos on Youtube
01 : 50
07 : 51
04 : 06
01 : 43
01 : 55
Nick
Updated on September 18, 2022Comments
-
Nick over 1 year
I installed a new SSL certificate signed by our own Certificate Authority. Apache will not start, with the error:
SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
I have verified the key and cert Do match, so the error message is wrong. I have tred with and without the
SSLCaCertificateFiledirective. How do I fix this?diff <(openssl rsa -in KEY -modulus -noout) <(openssl x509 -in CERT -modulus -noout)produces no output, which I belive is corect.
The commands used to make the certificates:
Create a CA:
openssl genrsa -des3 -out ca.key 4096Self sign the CA
openssl req -new -x509 -days 1826 -key my.key -out my.crtGenerate a server key
openssl genrsa -out server.key 2048Create a csr for the new key
openssl req -new -key server.key -out server.csrCreate a certificate from a CSR:
openssl x509 -req -in server.csr -CA my.crt -CAkey my.key -out server.crt -days 1820-
ravi yarlagadda over 10 yearsWhat did you do to verify that the public and private key files match?
-
Nick over 10 yearsI used an online tool that checks to see if they match.
-
Nick over 10 yearsI just created a new key, csr and signed a new cert. Same error.
-
Nick over 10 yearsI just started over with a brand new CA, new server certs and everything, and still get this error.
-
