Ask a Question

Advanced Search

Solution ID : SO2181

Last Modified : 05/29/2018

Error: [error] mod_ssl: Init: Private key not found

Problem

When installing a SSL Certificate the below errors may occur:

Error: "[error] mod_ssl: Init: Private key not found (OpenSSL library error follows)

[error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib"
Error: [error] mod_ssl: Init: Private key not found

or

[error] Init: Unable to read pass phrase [Hint: key introduced or changed before restart?]
[error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib

Cause

This issue occurs as Apache is unable to read the password protected private key file.

Solution

If any of the errors occurs, remove the password from the private key. From a Command prompt, follow these steps:
  1. openssl rsa -in file1.key -out file2.key
     
  2. Direct the httpd.conf to this key file, it does not prompt you for a pass phrase.
     

If anyone receives the unencrypted key, they can impersonate you (keys create your identifying digital signature). Please make sure the permissions on that file allow only 'root' or 'web server user' to read it. Symantec suggests that you start your web server as root, but run as another server, and have the key readable only by root.