Apache2 Error Init Unable To Read Server Certificate From File
Contents |
Start here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings ah02241: init: unable to read server certificate from file and policies of this site About Us Learn more about Stack Overflow
Unable To Load Certificate Expecting Trusted Certificate
the company Business Learn more about hiring developers or posting ads with us Server Fault Questions Tags Users error:0d0680a8:asn1 encoding routines:asn1_check_tlen:wrong tag Badges Unanswered Ask Question _ Server Fault is a question and answer site for system and network administrators. Join them; it only takes a minute: Sign up Here's how it ssl: error:0906d06c:pem routines:pem_read_bio:no start line:expecting: trusted certificate works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the top SSL Error - unable to read server certificate from file up vote 21 down vote favorite 10 I've been setting up SSL for my domain today, and have struck another issue - I was hoping someone could shed some light on..
Error:0906d06c:pem Routines:pem_read_bio:no Start Line Nodejs
I keep receiving the following error messages: [error] Init: Unable to read server certificate from file /etc/apache2/domain.com.ssl/domain.com.crt/domain.com.crt [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error I'm running Apache 2.2.16 and Ubuntu 10.10. My .crt file has the Begin and End tags, and has been copied exactly from the confirmation email I received, very frustrating! Cheers! Edit >> When trying to verify the .crt It doesn't seem to work: >> openssl x509 -noout -text -in domain.com.crt unable to load certificate 16851:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE Also >> >> openssl x509 -text -inform PEM -in domain.com.crt unable to load certificate 21321:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE >> openssl x509 -text -inform DER -in domain.com.crt unable to load certificate 21325:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316: 21325:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=X509 Edit>> (Cheers for the help by the way) >> grep '^-----' domain.com.crt -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- Just emailed the company providing the Certificate, they responded> I have checked the CSR file that you have provided and I can assure that this was correctly generated.
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company init: private key not found Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs pem routines:pem_read_bio:no start line:pem_lib.c:703:expecting: any private key Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers,
Expecting: Certificate Request
just like you, helping each other. Join them; it only takes a minute: Sign up Installing SSL certificate causes the server to fail when restarting up vote 17 down vote favorite 3 I received my certificate by http://serverfault.com/questions/316907/ssl-error-unable-to-read-server-certificate-from-file email and then created the necessary files and copied it over. I went to restart my server and received the following errors. [Wed Feb 08 13:02:06 2012] [error] Init: Unable to read server certificate from file /home/sslcertificates/mydomain.crt [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Wed Feb 08 13:02:06 2012] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Does anyone have any ideas? apache ssl centos share|improve http://stackoverflow.com/questions/9193907/installing-ssl-certificate-causes-the-server-to-fail-when-restarting this question asked Feb 8 '12 at 13:07 ORStudios 1,07431736 add a comment| 8 Answers 8 active oldest votes up vote 0 down vote accepted It appears your SSL certificate is not following the ASN.1 encoding rules. This book might help you find the cause: ASN.1 Complete share|improve this answer answered Feb 8 '12 at 13:19 Thijs 1515 4 Problem solved, it turns out that because the certificate was copied directly from the email. the correct formatting was lost. This was leading to the error above. –ORStudios Feb 8 '12 at 14:02 2 @IconicDigital how did you correct the formatting? My key was also emailed and I tried to copy and paste it into notepad but still get the same issue. Any hints would be greatly appreciated. –Armin Nehzat Jul 9 '13 at 6:15 I copied my key from my email client into MS Notepad and then copied it from MS Notepad into my SSH client which had VIM open. This fixed the problem for me after restarting Apache. –GhostInTheSecureShell Feb 3 '14 at 14:51 11 This guy recommends an entire book??? –Jhawins Apr 24 '14 at 16:11 2 Downvoted because the answers should be self-contained. –AntonioJunior Sep 6 '14 at 14:33 add a comment| up vote 12 down vote Another possible source of
IP based Virtual Hosts - httpd fails to start Support for webhosts that use CentOS Post Reply Print view Search http://www.centos.org/forums/viewtopic.php?t=31350 Advanced search 6 posts • Page 1 of 1 videod Posts: 8 Joined: 2011/05/26 01:02:12 Contact: Contact videod Website SSL Certificates for IP based Virtual Hosts - httpd fails to start Quote Postby videod » 2011/05/27 01:15:01 Background - I have installled a self signed certificate for a devlopment environment I created on VMWare 2.2. unable to I used the following method:========================================Creating your certificateYou will now have everything on your server to create CAs. You need to generate a private key, a csr, a self-signed key, and then you need to copy these files to the correct location. This is done with the following steps. 1. Open up a terminal window. 2. Su routines:pem_read_bio:no start line to the root user. 3. Generate the private key with the command openssl genrsa -out ca.key 1024. 4. Generate the csr with the command openssl req -new -key ca.key -out ca.csr. 5. Generate the self-signed key with the command openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt. 6. Move the self-signed key with the command cp ca.crt /etc/pki/tls/certs. 7. Move the private key with the command cp ca.key /etc/pki/tls/private/ca.key. 8. Move the csr with the command cp ca.csr /etc/pki/tls/private/ca.csr.Edit the Apache SSL configurationOpen the file /etc/httpd/conf.d/ssl.conf and look for the section SSLCertificateFile. Make sure that line reads:SSLCertificateFile /etc/pki/tls/certs/ca.crtNow look for the SSLCertificateKeyFile and make sure that section reads:SSLCertificateKeyFile /etc/pki/tls/private/ca.keySave that file and you are ready to restart Apache.Restart and test==================================================The websties are setup as Vitrual Hosts both IP and Named based.For some reason when I try to start httpd it fails, but when everything is named based (SSL disabled) httpd works. I looked in the httpd error_log file and noticed the following erro