I’m trying to install a Comodo SSL certificate on my site and after I changed the default-ssl.conf file, apache fails to start.
Here’s my default-ssl.conf file:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@site.com
ServerName site.com
ServerAlias www.site.com
DocumentRoot /var/www/html/site/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateKeyFile /etc/ssl/private/site.key
SSLCertificateFile /etc/ssl/private/site_com.crt
SSLCertificateChainFile /etc/ssl/private/site.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/html/site/public">
AllowOverride all
Require all granted
Options Indexes FollowSymLinks MultiViews
Order allow,deny
allow from all
</Directory>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
I ran the two has checks and they are both the same value:
openssl x509 -noout -modulus -in /etc/ssl/private/fertona_com.crt | openssl md5
openssl rsa -noout -modulus -in /etc/ssl/private/fertona.key | openssl md5
My Apache error log shows the following errors:
[Tue Dec 02 23:30:26.324586 2014] [ssl:emerg] [pid 3875] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Tue Dec 02 23:30:26.324596 2014] [ssl:emerg] [pid 3875] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Tue Dec 02 23:32:59.190380 2014] [ssl:emerg] [pid 3959] AH02238: Unable to configure RSA server private key
And finally, the order of my Comodo Certificates (in my site.ca-bundle file) is like so: AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt site_com.crt
This is my first time installing a SSL certificate and I really have no idea what the issue is. Thanks for the help!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sorry to see that your question hasn’t received an answer yet. Unfortunately, after this much time, it is unlikely that an answer for this specific question will be provided. For people still landing here via search, check out this tutorial. It covers installing commercial SSL certificates on both Apache and Nginx:
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.