Author Topic: [SOLVED]Web interface - apache ssl error x509_check_private_key:key values mism  (Read 2441 times)

nread

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
I am a relative beginner with zentyal so please bear with me.
I have zentyal 3.0 installed and it was working correctly up until I changed the ssl certificates and then rebooted.
Now the WEB Admin interface no longer work https:\\localhost gives "Unable to connect".
In the zentyal.log I have the message "Error restarting service: ...."
"httpd not running, trying to start", "Action restart failed"
and in the error log I have "Unable to configure RSA server private key", SSL Library Error: 185073780 ..... X509_check_private_key: key values mismatch"

I have checked the certificate and private key in /var/lib/zentyal/conf/ssl and the modulus check out ok.

How do I proceed?

I have tried altering the apache config in /var/lib/zentyal/conf/apache2.conf to increase the logging level to debug for the ssl_engine to give me more information but every time I restart apache (/etc/init.d/zentyal apache restart) it reloads the config back to the original.
« Last Edit: July 23, 2013, 01:33:57 pm by nread »

nread

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
I found out how to modify the config by modifying the zentyal template.
I now have managed to work out that the ssl.cert and ssl.key are correct but the ssl.pem file (not sure what generates this) is invalid.
So my solution is to alter the config for the SSL site to use the key and cert files rather than the pem file.
At least it is working and I can now use the Web interface and therefore debug the SSL certificates at my leasure.