Welcome! Log In Create A New Profile

Advanced

Re: Certificate Error

Maxim Dounin
December 14, 2022 11:34PM
Hello!

On Wed, Dec 14, 2022 at 10:02:04PM -0500, Software Info wrote:

> Hi All,
> I would really appreciate some help with this sticky problem. I am
> using nginx as a reverse proxy. I have version 1.20.1 running on
> FreeBSD 13.1. Today I set up for a new domain. I got a wildcard
> certificate for mydomain.com from GoDaddy. I put the paths in
> nginx.conf but when I run nginx -t
> I get the following error: nginx:
> [emerg] SSL_CTX_use_PrivateKey("/usr/local/etc/nginx/ssl/domain.com.key")
> failed (SSL: error:0B080074:x509 certificate
> routines:X509_check_private_key:key values mismatch)
> nginx: configuration file /usr/local/etc/nginx /nginx.conf test failed
>
> When I ran the test below to check the Public and Private keys, I get
> back the same checksum so I guess the Certs must be ok.
> # openssl rsa -modulus -in domain.com.key -noout | md5sum
> # openssl x509 -modulus -in domain.com.crt -noout | md5sum
>
> This is the relevant section in my nginx.conf

[...]

> ssl_certificate ssl/gd_bundle-g2-g1.crt;
> ssl_certificate_key ssl/domain.com.key;

You are "gd_bundle-g2-g1.crt" instead of "domain.com.crt", this
looks like the culprit.

See

http://nginx.org/en/docs/http/configuring_https_servers.html

for some basic tips about configuring HTTPS servers.

[...]

> ssl_trusted_certificate ssl/domain.com.crt;

And this also looks incorrect.

Hope this helps.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Certificate Error

Software Info December 14, 2022 10:04PM

Re: Certificate Error

gariac December 14, 2022 10:56PM

Re: Certificate Error

Maxim Dounin December 14, 2022 11:34PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 114
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready