logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: faulty ssl installtion
Author
luggie



Joined: 14 Aug 2015
Posts: 2
Location: Germany

PostPosted: Mon 17 Aug '15 12:10    Post subject: faulty ssl installtion Reply with quote

Hi
I've got a site which runs normally without SSL.
(Using Ubuntu 14.04 lte minimal/apache2.4/hostey by hetzner, ssl-certificate via thawte/hetzner)
Thawte check site tells me that theres is somethin wrong with my ssl installtion.
These are my settings:
(virtualhost config file of my site 1234.de)
Code:
vergrößern

 <VirtualHost *:80>
        ServerAdmin 1234@5678.de
        ServerName 1234.de
        ServerAlias www.1234.de
        DocumentRoot /var/www/1234.de/public_html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<IfModule mod_ssl.c>
       <VirtualHost *:443>
               SSLEngine on
               SSLCertificateFile /var/www/1234.de/ssl/public.crt
               SSLCertificateKeyFile /var/www/1234.de/ssl/private.key
               SSLCertificateChainFile /var/www/1234.de/ssl/intermediate.crt
             
               ServerAdmin 1234@5678.de
               ServerName 1234.de

               DocumentRoot /var/www/1234.de/public_html
               ErrorLog /var/www/1234.de/
       </VirtualHost>
</IfModule>

When I activate the <IfModule> part like here and restart apache it tells me:
Quote:
Action 'start' failed. The Apache error log may have more informatio

Unfortunatly, Errorlog doenst say anything about it.
This is my ports.conf:
Code:
Listen 80
NameVirtualHost *:80
#<IfModule ssl_module>
#       Listen 443
#</IfModule>

<ifModule mod_ssl.c>
        NameVirtualHost *:443
        Listen 443
</IfModule>

#<IfModule mod_gnutls.c>
#       Listen 443
#</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet


I had to comment mod_gnutls and ssl_mod. Otherwise port 443 would be used twice, my errorlog tells me.

The three ssk key/crt files are there, they are correct and at the correct place.
ssl_mod is installed and running

Thanks, luggie

/edit: got this errorlog now that I edited the path to errorlog in first config

Code:
[ssl:emerg] [pid 18114] AH02238: Unable to configure RSA server private key
[ssl:emerg] [pid 18114] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 17 Aug '15 16:54    Post subject: Reply with quote

The content of your private key is not correct.

it should look like

Code:

-----BEGIN RSA PRIVATE KEY-----
MIIJKgIBAAKCAgEAsIkPPvBCkEKvgFBsJc4a+jmByEpHxAD8lcppbZ6uP9tAdEO2
....
PPDYsy5p7Y9leTP8IP4eAA86FDbnOlltGu7CV5FoOUicJnfkm+tMv7STWMYYLw==
-----END RSA PRIVATE KEY-----


and the certificate like

Code:

-----BEGIN CERTIFICATE-----
MIIHXjCCBkagAwIBAgIHBZAKzPB5LTANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UE
...
5z6/qnuR+OVwLDmrvQpOjOshknwLPpOvjgBAj82h+EpAyurwhUNzcnRVhXx7xs+q
kxrGbM0MgaMU5DeyIwZNYcVm
-----END CERTIFICATE-----
Back to top


Reply to topic   Topic: faulty ssl installtion View previous topic :: View next topic
Post new topic   Forum Index -> Apache