DigitalOcean

Report this

What is the reason for this report?
Question

SSL Library Error: 185073780 key values mismatch

Posted on March 9, 2014
tony535690

By tony535690

Hello all,

Recently I’ve been migrating a website from Dreamhost Shared Hosting to Linode VPS running Ubuntu 12.04 LTS with all updates installed. The site has SSL set up with Dreamhost through their web interface. I’ve been trying to get the SSL installed on the Linode side to no success.

I’ve followed instructions from RapidSSL:

https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO13985

Specifically, I’ve done the following:

sudo a2enmod ssl sudo service apache2 restart sudo mkdir /etc/apache2/ssl cd /etc/apache2/ssl openssl genrsa -out <privatekeyfilename>.key 2048 openssl req -new -key <privatekeyfilename>.key -out <csrfilename>.csr

Entered all X.509 attributes of the certificate with the exclusion of email address, challenge password, and optional company name as instructed by RapidSSL’s website.

After that I extracted the data from the .csr file, made sure there were no empty spaces/hidden characters (using Notepad++), and submitted the CSR reissue request with Namecheap.

After approving and receiving the new certificates, namely: certificate.crt intermediate.crt

I added a NameVirtualHost IPaddress:443 in the ports (/etc/apache2/ports.conf) file, and also added an additional VirtualHost configuration in the config file:

<VirtualHost 12.34.56.78:443> SSLEngine On SSLCertificateKeyFile /etc/apache2/ssl/private.key SSLCertificateFile /etc/apache2/ssl/certificate.crt SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

ServerAdmin info@mydomain.com ServerName www.mydomain.com DocumentRoot /home/example_user/public/example_website/ ErrorLog /home/example_user/public/example_website/log/errorssl.log CustomLog /home/example_user/public/example_website/log/accesssl.log combined </VirtualHost>

However, anytime after I save this setting and restart Apache2, it fails and the following shows up in the Error log:

[Fri Mar 07 14:59:57 2014] [error] Unable to configure RSA server private key [Fri Mar 07 14:59:57 2014] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Any idea what’s going on? I’ve looked at stack overflow posts such as: SSL install problem - “key value mismatch” (but they do match?) http://stackoverflow.com/questions/4658484/ssl-install-problem-key-value-mismatch-but-they-do-match and Apache2 SSL Certificate/Key mismatch http://stackoverflow.com/questions/17990537/apache2-ssl-certificate-key-mismatch

But I’ve got nothing so far.

Thanks in advance for the help!



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
tony535690
tony535690
March 9, 2014

Oops, should be from Dreamhost to DigitalOcean. Running on the $10 plan with 1GB ram etc.

0
Will Rowe
Will RoweDigitalOcean Employee badge
March 9, 2014

Hi Tony! <br> <br>Usually that means that the private key and the certificate do not match. <br> <br>I found the following article that may help explain: <br> <br>http://www.entrust.net/knowledge-base/technote.cfm?tn=5892 <br> <br>You may need to reach out to your SSL Certificate provider for more assistance. <br> <br>Regards, <br>Will <br>

0
FMCB
FMCB
March 9, 2014

if you want to make sure whether they keys match or not, run these commands accordingly: <br>1- first command for getting the decryption of your server certificate: <br>openssl x509 -noout -modulus -in /etc/yourcertificate.crt | openssl md5
<br> <br>2- 2nd command for your (RSA) private key you got from creating csr: <br>openssl rsa -noout -modulus -in /etc/private.key | openssl md5 <br> <br>remember to change the files paths to fit where they are in your server. <br> <br>if both values match, that means the private key is the right key for your certificate. if not, then contact your issuer to inform this them with this problem. <br> <br>you can test your site to see if your SSL crt is working or not through their site: <br> <br>https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=SO9556 <br> <br>and remember that there is a specific order for crt and its key as follow: <br> <br>your private key <br>your certificate <br>intermediate CA certificate <br>other CA certificates… <br>intermediate CA certificate highest in the hierarchy <br> <br>http://stackoverflow.com/questions/4658484/ssl-install-problem-key-value-mismatch-but-they-do-match <br> <br>Good luck!!

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.