Apache Error Init Unable To Read Server Certificate From File
Contents |
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring ah02241: init: unable to read server certificate from file developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question error:0d0680a8:asn1 encoding routines:asn1_check_tlen:wrong tag x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them;
Openssl Expecting Trusted Certificate
it only takes a minute: Sign up Installing SSL certificate causes the server to fail when restarting up vote 17 down vote favorite 3 I received my certificate by email and then created the necessary files and copied it
Init: Private Key Not Found
over. I went to restart my server and received the following errors. [Wed Feb 08 13:02:06 2012] [error] Init: Unable to read server certificate from file /home/sslcertificates/mydomain.crt [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Does anyone have any ideas? apache ssl centos share|improve this question asked Feb 8 '12 at 13:07 ORStudios 1,07431736 add a comment| 8 ah01895: unable to configure verify locations for client authentication Answers 8 active oldest votes up vote 0 down vote accepted It appears your SSL certificate is not following the ASN.1 encoding rules. This book might help you find the cause: ASN.1 Complete share|improve this answer answered Feb 8 '12 at 13:19 Thijs 1515 4 Problem solved, it turns out that because the certificate was copied directly from the email. the correct formatting was lost. This was leading to the error above. –ORStudios Feb 8 '12 at 14:02 2 @IconicDigital how did you correct the formatting? My key was also emailed and I tried to copy and paste it into notepad but still get the same issue. Any hints would be greatly appreciated. –Armin Nehzat Jul 9 '13 at 6:15 I copied my key from my email client into MS Notepad and then copied it from MS Notepad into my SSH client which had VIM open. This fixed the problem for me after restarting Apache. –GhostInTheSecureShell Feb 3 '14 at 14:51 11 This guy recommends an entire book??? –Jhawins Apr 24 '14 at 16:11 2 Downvoted because the answers should be self-contained. –AntonioJunior Sep 6 '14 at 14:33 add a comment| up vote 12 down vote Another possible source of failure which causes this errror message is: Instead of the certificate file I linked to the certification request file. It's recognizable when you read the first line of the file
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow
Pem_read_bio_x509_aux
the company Business Learn more about hiring developers or posting ads with us Server nested asn1 error Fault Questions Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. openssl convert der to pem Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Error when trying to http://stackoverflow.com/questions/9193907/installing-ssl-certificate-causes-the-server-to-fail-when-restarting start Apache after installing SSL cert up vote 4 down vote favorite 2 I am trying to install an SSL certificate, and I get the following errors: AH02241: Init: Unable to read server certificate from file /path/my.crt SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=X509) AH02312: Fatal error initialising mod_ssl, exiting. Here's the process I followed: I generated my private key with: openssl genrsa -out http://serverfault.com/questions/444400/error-when-trying-to-start-apache-after-installing-ssl-cert my.key 2048 I created the CSR with: openssl req -new -key my.key -out my.csr I provided the CSR to our IT department, and they returned a crt - it starts with -----BEGIN CERTIFICATE----- My ssl.conf has (my.example.com matches the Common name used during the generation of the CSR):
Red Hat Certificate System Red Hat Satellite Subscription Asset Manager Red Hat Update Infrastructure Red Hat Insights Ansible Tower by Red Hat Cloud Computing Back Red Hat CloudForms https://access.redhat.com/solutions/46858 Red Hat OpenStack Platform Red Hat Cloud Infrastructure Red Hat Cloud Suite Red Hat OpenShift Container Platform Red Hat OpenShift Online Red Hat OpenShift Dedicated Storage Back Red Hat Gluster Storage Red http://www.webhostingtalk.com/showthread.php?t=963990 Hat Ceph Storage JBoss Development and Management Back Red Hat JBoss Enterprise Application Platform Red Hat JBoss Data Grid Red Hat JBoss Web Server Red Hat JBoss Portal Red Hat JBoss unable to Operations Network Red Hat JBoss Developer Studio JBoss Integration and Automation Back Red Hat JBoss Data Virtualization Red Hat JBoss Fuse Red Hat JBoss A-MQ Red Hat JBoss BPM Suite Red Hat JBoss BRMS Mobile Back Red Hat Mobile Application Platform Services Back Consulting Technical Account Management Training & Certifications Red Hat Enterprise Linux Developer Program Support Get Support Production Support Development Support unable to read Product Life Cycle & Update Policies Knowledge Search Documentation Knowledgebase Videos Discussions Ecosystem Browse Certified Solutions Overview Partner Resources Tools Back Red Hat Insights Learn More Red Hat Access Labs Explore Labs Configuration Deployment Troubleshooting Security Additional Tools Red Hat Access plug-ins Red Hat Satellite Certificate Tool Security Back Product Security Center Security Updates Security Advisories Red Hat CVE Database Security Labs Resources Overview Security Blog Security Measurement Severity Ratings Backporting Policies Product Signing (GPG) Keys Community Back Discussions Red Hat Enterprise Linux Red Hat Virtualization Red Hat Satellite Customer Portal Private Groups All Discussions Start a Discussion Blogs Customer Portal Red Hat Product Security Red Hat Access Labs Red Hat Insights All Blogs Events Customer Events Red Hat Summit Stories Red Hat Subscription Benefits You Asked. We Acted. Open Source Communities Subscriptions Downloads Support Cases Account Back Log In Register Red Hat Account Number: Account Details Newsletter and Contact Preferences User Management Account Maintenance My Profile Notifications Help Log Out Language Back English español Deutsch italiano 한국어 français 日本語 português 中文 (中国) русский Customer Portal Search Products & Services Back View All Products Infrastructure and Management Bac
Forums Hosting Security and Technology Problem with SSL on Apache (help or quote) If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. Results 1 to 2 of 2 Thread: Problem with SSL on Apache (help or quote) Tweet Thread Tools Show Printable Version Subscribe to this Thread… Search Thread Advanced Search Display Linear Mode Switch to Hybrid Mode Switch to Threaded Mode 07-14-2010,06:26 AM #1 DjMiX View Profile View Forum Posts View Forum Threads Web Hosting Guru Join Date Nov 2004 Location Lausanne, Switzerland Posts 260 Problem with SSL on Apache (help or quote) Hello all, We are running CentOS5 with Plesk installed. Yesterday, we bought a GeoTrust certificate for the webserver and for Plesk, with domain srv1.ourdomain.tld After installation, everything went well, except that when doing SOAP requests with curl, we had a message saying that the certificate couldn't be verified. So we tried updating different files on the server, but we appearently messed up. At the moment, we cannot start Apache with mod_ssl, we always get the following errors: In httpd error_log: [Wed Jul 14 11:43:20 2010] [error] Init: Unable to read server certificate from file /etc/pki/tls/certs/localhost.crt [Wed Jul 14 11:43:20 2010] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Wed Jul 14 11:43:20 2010] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error In ssl error_log: [Wed Jul 14 00:19:49 2010] [error] Unable to configure RSA server private key [Wed Jul 14 00:19:49 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch We did modify the localhost.crt and ca-bundle.crt. I think that messed up everything. We don't know which data to put back