I need to update my certificate issued. by www.ionos.it on a Centos server and so I received the key and .cer and intermediate certificate by them. Consequently I executed:
sudo openssl x509 -inform PEM -in taxiprofessional.net_ssl_certificate-3.cer -out taxiprofessional_net.crt
to get the certificate and joined it to the intermediate one to get the ca_bundle. My ssl configuration is the following:
SSLCertificateFile /etc/ssl/2020/taxiprofessional_net.crt
SSLCertificateKeyFile /etc/ssl/2020/taxiprofessional.key
SSLCertificateChainFile /etc/ssl/2020/taxiprofessional_net.ca-bundle
Yet when I restart apache it refuses to start. The log file reports:
SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
How may I know what is happening, and someone may help about what might be wrong in my way of doing?
Thanks
Certificate and key issued by ionos not working on SSL service
Re: Certificate and key issued by ionos not working on SSL service
I think it's telling you that the key (private) and public don't match.
Given you're not using the "normal" paths for the certificates, it seems likely that SE would get in the way.
You can verify the private and public files match by checking the sha256sum for each (Google will tell you how to do this).
Otherwise, set SE into Permissive mode and try again.
Given you're not using the "normal" paths for the certificates, it seems likely that SE would get in the way.
You can verify the private and public files match by checking the sha256sum for each (Google will tell you how to do this).
Otherwise, set SE into Permissive mode and try again.
Re: Certificate and key issued by ionos not working on SSL service
Your cert files would probably be better in the standard location of /etc/pki/tls/certs but I think /etc/ssl is also known.
Do you have a passphrase on your keyfile?
Do you have a passphrase on your keyfile?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke