| View previous topic :: View next topic |
| Author |
Message |
roarkh
Tux's lil' helper
Joined: 24 May 2003
Posts: 92
Location: Bellingham, Washington
|
 Posted: Tue Jul 21, 2015 7:04 pm Post subject: [solved]Unable to install new SSL certificate for Apache |
 |
|
Hi everyone,
I have a Gentoo server running Apache2 with a working GoDaddy SSL certificate that is about to expire next week. Instead of trying to renew the certificate I decided I would just purchase a new certificate and set that up using the documentation I made when I set up the original certificate.
I ran the following command to create the certificate signing request (I have replaced our actual domain name with 'mydomain')...
| Code: | | openssl req -new -newkey rsa:2048 -nodes -keyout webservices.mydomain.org.key -out webservices.mydomain.org.csr |
I answered all of the questions the same as before and webservices.mydomain.org.csr was created which I supplied to GoDaddy and the new certificate was generated which I downloaded.
Then, I placed the new .crt file I received from GoDaddy into /etc/ssl/apache2, and replaced the gd_bundle-g2-g1.crt and webservices.mydomain.org.key files in there as well with the new ones. After that I edited /etc/apache2/vhosts.d/00_default_ssl_vhost.conf, the only file name that changed was the file pointing to the new certificate so I went ahead and updated that but after doing so Apache will not restart, I am presented with the following errors in the ssl error log file...
| Code: | [Tue Jul 21 11:27:11 2015] [error] Init: Private key not found
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218640442 error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 67710980 error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Tue Jul 21 11:27:11 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error |
The first error says "Private key not found" but I am positive that the configuration file is pointing to the right file.
Can anyone tell me what I might be doing wrong here? I would really appreciate any guidance as I am really stumped. I will admit this is the first time I have tried replacing an existing certificate with a new one in Gentoo so perhaps that has something to do with my confusion.
Last edited by roarkh on Tue Jul 21, 2015 7:59 pm; edited 1 time in total |
|
| Back to top |
|
 |
roarkh
Tux's lil' helper
Joined: 24 May 2003
Posts: 92
Location: Bellingham, Washington
|
| Posted: Tue Jul 21, 2015 7:58 pm Post subject: |
|
|
| I decided to just start over with another new certificate request and this time Apache restarted and recognized the new certificate just fine. I must have made a mistake somewhere the first time but am not sure what I did wrong. In any case this is solved now. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
