Keep having to reissue a SSL CSR request with key mismatches

Discussion in 'Apache' started by Yshua, Dec 24, 2012.

0
  1. #1
    Dear Folks:

    Where else could I go for help with Apache2.2 server on Win 7, PHP 5.3.8, MySQL 5.17, etc.? Have read up (I thought) on how to create a private key without a pass phrase, and all looked great and smooth. Got spaces out of key and Cert files and the bundle intermediate CA file as well. Everything was smooth as silk until again the following msgs:

    [Mon Dec 24 23:18:43 2012] [info] Loading certificate & private key of SSL-aware server
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_pphrase.c(470): unencrypted RSA private key - pass phrase not required
    [Mon Dec 24 23:18:43 2012] [info] Configuring server for SSL protocol
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1)
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_init.c(745): Configuring server certificate chain (2 CA certificates)
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_init.c(792): Configuring RSA server certificate
    [Mon Dec 24 23:18:43 2012] [debug] ssl_engine_init.c(831): Configuring RSA server private key
    [Mon Dec 24 23:18:43 2012] [error] Unable to configure RSA server private key
    [Mon Dec 24 23:18:43 2012] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

    But the access log has zero entries after 4pm....

    Down to another mismatch! Heard somewhere about trying to unencrypt the key with .509, and such, without success. For me it's no guts, no glory. Will keep going along at my turtle's pace without someone helping me. Been reading up on possible causes, like forgetting to update the SSL Cert. file in htdocs directory. Am also having trouble understanding how to keep directories straight with all the websites' recommendations.

    ANY help is greatly appreciated,
    Yshua
     
    Yshua, Dec 24, 2012 IP
  2. Yshua

    Yshua Greenhorn

    Messages:
    37
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    16
    #2
    Got it, folks:

    They kept saying to right click on the CA intermediate certificate, instead of merely storing it in Notepad with a ".crt" or ".pem" extension. Finally it stuck out like a sore thumb, and the data matched and stored correctly. Yeow!

    Yshua
     
    Yshua, Dec 28, 2012 IP