Unable to configure RSA server private key.

Issues related to applications and software problems
Post Reply
hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Unable to configure RSA server private key.

Post by hack3rcon » 2019/03/16 07:44:42

Hello,
According to the https://wiki.centos.org/HowTos/Https, I configured SSL Certificates but when I want to restart Apache then I got below error:

Code: Select all

# cat /var/log/httpd/error_log
[Sat Mar 16 10:58:59.715237 2019] [core:notice] [pid 18199] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 10:59:05.799652 2019] [ssl:warn] [pid 18199] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 10:59:05.800247 2019] [ssl:emerg] [pid 18199] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
[Sat Mar 16 10:59:28.934952 2019] [core:notice] [pid 18237] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 10:59:33.620406 2019] [ssl:warn] [pid 18237] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 10:59:33.620983 2019] [ssl:emerg] [pid 18237] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
[Sat Mar 16 11:00:17.982247 2019] [core:notice] [pid 18280] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 11:00:21.643427 2019] [ssl:warn] [pid 18280] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 11:00:21.644018 2019] [ssl:emerg] [pid 18280] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
[Sat Mar 16 11:01:02.586171 2019] [core:notice] [pid 18345] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 11:01:09.864709 2019] [ssl:warn] [pid 18345] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 11:01:09.865320 2019] [ssl:emerg] [pid 18345] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
[Sat Mar 16 11:08:28.404428 2019] [core:notice] [pid 18598] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 11:08:32.385119 2019] [ssl:warn] [pid 18598] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 11:08:32.385719 2019] [ssl:emerg] [pid 18598] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
[Sat Mar 16 11:09:43.134599 2019] [core:notice] [pid 18669] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Mar 16 11:09:47.067500 2019] [ssl:warn] [pid 18669] AH01909: RSA certificate configured for www.example.org:443 does NOT include an ID which matches the server name
[Sat Mar 16 11:09:47.068118 2019] [ssl:emerg] [pid 18669] AH02311: Fatal error initialising mod_ssl, exiting. See /etc/httpd/logs/ssl_error_log for more information
And:

Code: Select all

# cat /etc/httpd/logs/ssl_error_log
[Sat Mar 16 11:08:32.385650 2019] [ssl:emerg] [pid 18598] AH02238: Unable to configure RSA server private key
[Sat Mar 16 11:08:32.385711 2019] [ssl:emerg] [pid 18598] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Sat Mar 16 11:09:47.068060 2019] [ssl:emerg] [pid 18669] AH02238: Unable to configure RSA server private key
[Sat Mar 16 11:09:47.068109 2019] [ssl:emerg] [pid 18669] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
What is my problem?

Thank you.

scottro
Forum Moderator
Posts: 2556
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: Unable to configure RSA server private key.

Post by scottro » 2019/03/16 11:48:09

I see that they say SSL certificate does not include server name. Did you generate a csr (Certificate Signing Request) and did you use the server name as the CN (Common Name?)

https://www.digitalocean.com/community/ ... r-centos-7 seems to be a simple and accurate guide. You might want to start from scratch. When you make your CSR, the most important thing is the common name, it has to match what you have configured as the server name, and the server name should be configured in httpd.conf or another .conf file if you're doing a more complex setup. It sounds as if you're doing a default setup though, so in that case, configure the server name in httpd.conrf
New users should check the FAQ and Read Me First pages

mghe
Posts: 766
Joined: 2015/11/24 12:04:43
Location: Katowice, Poland

Re: Unable to configure RSA server private key.

Post by mghe » 2019/03/16 14:50:44

You did try config for: www.example.org
I afraid, this is not Your domain.

Post Reply