Apache Ssl Library Error
Contents |
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn ssl library error: 218529960 error:0d0680a8:asn1 encoding routines:asn1_check_tlen:wrong tag more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users ah02241: init: unable to read server certificate from file Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping init: private key not found each other. Join them; it only takes a minute: Sign up Installing SSL certificate causes the server to fail when restarting up vote 17 down vote favorite 3 I received my certificate by email and then created the
Error:0906d06c:pem Routines:pem_read_bio:no Start Line
necessary files and copied it over. I went to restart my server and received the following errors. [Wed Feb 08 13:02:06 2012] [error] Init: Unable to read server certificate from file /home/sslcertificates/mydomain.crt [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Does anyone have any ideas? apache ssl centos share|improve this question asked Feb 8 '12 ah02238: unable to configure rsa server private key at 13:07 ORStudios 1,07431736 add a comment| 8 Answers 8 active oldest votes up vote 0 down vote accepted It appears your SSL certificate is not following the ASN.1 encoding rules. This book might help you find the cause: ASN.1 Complete share|improve this answer answered Feb 8 '12 at 13:19 Thijs 1515 4 Problem solved, it turns out that because the certificate was copied directly from the email. the correct formatting was lost. This was leading to the error above. –ORStudios Feb 8 '12 at 14:02 2 @IconicDigital how did you correct the formatting? My key was also emailed and I tried to copy and paste it into notepad but still get the same issue. Any hints would be greatly appreciated. –Armin Nehzat Jul 9 '13 at 6:15 I copied my key from my email client into MS Notepad and then copied it from MS Notepad into my SSH client which had VIM open. This fixed the problem for me after restarting Apache. –GhostInTheSecureShell Feb 3 '14 at 14:51 11 This guy recommends an entire book??? –Jhawins Apr 24 '14 at 16:11 2 Downvoted because the answers should be self-contained. –AntonioJunior Sep 6 '14 at 14:33 add a comment| up vote 12 down vote Another possible source of failure which causes this errror message is: Instead of the certificate file I linke
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the ah01895: unable to configure verify locations for client authentication company Business Learn more about hiring developers or posting ads with us Server Fault Questions
Pem_read_bio_x509_aux
Tags Users Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them;
Nested Asn1 Error
it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top Error when trying to start Apache after http://stackoverflow.com/questions/9193907/installing-ssl-certificate-causes-the-server-to-fail-when-restarting installing SSL cert up vote 4 down vote favorite 2 I am trying to install an SSL certificate, and I get the following errors: AH02241: Init: Unable to read server certificate from file /path/my.crt SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=X509) AH02312: Fatal error initialising mod_ssl, exiting. Here's the process I followed: I generated my private key with: openssl genrsa -out my.key 2048 I created http://serverfault.com/questions/444400/error-when-trying-to-start-apache-after-installing-ssl-cert the CSR with: openssl req -new -key my.key -out my.csr I provided the CSR to our IT department, and they returned a crt - it starts with -----BEGIN CERTIFICATE----- My ssl.conf has (my.example.com matches the Common name used during the generation of the CSR):
have one accepted answer. Are you sure you want to replace the current https://www.digitalocean.com/community/questions/ssl-library-error-185073780-key-values-mismatch answer with this one? Yes, I'm sure. Changed your mind? You previously marked this answer as accepted. Are you sure you want to unaccept it? Yes, I'm sure. Sign Up Log In submit Tutorials Questions Projects Meetups Main Site logo-horizontal DigitalOcean Community Menu Tutorials Questions Projects Meetups Main Site Sign unable to Up Log In submit View All Results By: tony535690 Subscribe Subscribed Share 0 SSL Library Error: 185073780 key values mismatch March 9, 2014 45.9k views Hello all, Recently I've been migrating a website from Dreamhost Shared Hosting to Linode VPS running Ubuntu 12.04 LTS with all updates installed. The site ssl library error has SSL set up with Dreamhost through their web interface. I've been trying to get the SSL installed on the Linode side to no success. I've followed instructions from RapidSSL: https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO13985 Specifically, I've done the following: sudo a2enmod ssl sudo service apache2 restart sudo mkdir /etc/apache2/ssl cd /etc/apache2/ssl openssl genrsa -out .key 2048 openssl req -new -key .key -out .csr Entered all X.509 attributes of the certificate with the exclusion of email address, challenge password, and optional company name as instructed by RapidSSL's website. After that I extracted the data from the .csr file, made sure there were no empty spaces/hidden characters (using Notepad++), and submitted the CSR reissue request with Namecheap. After approving and receiving the new certificates, namely: certificate.crt intermediate.crt I added a NameVirtualHost IPaddress:443 in the ports (/etc/apache2/ports.conf) file, and also added an additional VirtualHost configuration in the config file: SSLEngine On SSLCertificateKeyFile /etc/apache2/ssl/private.key SSLCertificateFile /etc/apache2/ssl/ce