Ask a Question

Advanced Search

Solution ID : SO16900

Last Modified : 05/02/2018

Error: ''Unable to configure RSA server private key''

Problem

When you try to run Apache, you may receive one of the following error messages in the log file:

 


Unable to configure RSA server private key


mod_ssl: Init: (www.domain.com:443) Unable to configure RSA server private key (OpenSSL library error follows)


OpenSSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch


 

Cause

This problem may occur if the private key and certificate do not match.

Solution

To resolve this problem, specify the correct private key for the certificate. Compare the modulus of certificate against the modulus of the private key to see if they match. Follow these steps:

  1. View the certificate modulus using the following command:

    openssl x509 -noout -text -in certfile -modulus

  2. View the key using the following command:

    openssl rsa -noout -text -in keyfile -modulus

  3. Verify the following:

    • The certificate and private key is saved in Notepad and that it has no trailing spaces.

    • The "modulus" and "public exponent" portions in the key and the certificate must match exactly.

    • Verify the modulus of the default server.key file as the CSR could have been generated off this key.

    • You should also check the httpd.conf file to make sure that the directives are pointing to the correct private key and certificate.

    • Search for all private keys on your server and compare the modulus. Use the following commands: locate "*.key" or find / -name "*.key"