SSL_CTX_use_PrivateKey_file(“/example.key”) failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Problem Statement:

I’ve wanted to change the SSL certificate, because I’ve changed my server so I had to create a new CSR with the different name as discuss in the following question with this command. And generated the Privatekey and CSR.

$ openssl req -new -newkey rsa:2048 -nodes -keyout example_new.key -out example_new.csr

Then I’d paste the CSR to Re-Key in Godaddy portal and received certificate from Godaddy and then i renamed it to the following as per best practises.

  1. example.com.crt
  2. intermediate.crt
  3. example.com.pem

And then I’ve concatenated the certificate with signing certificate in right order as discussed in this answer.

$ cat example.com.crt intermediate.crt > bundle_chained.crt

Exception:

Getting following exception while restarting Nginx.

$ sudo nginx -t

nginx: [emerg] SSL_CTX_use_PrivateKey_file("/path/example_new.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file /etc/nginx/nginx.conf test failed


Here’s what I tested:

  • The certificate and private key has no trailing spaces.
  • I checked the nginx.conf and the directives are pointing to the correct private key and certificate.
  • I’ve checked md5 hashed of the key and bundle_chained
$ openssl x509 -noout -modulus -in bundle_chained.crt | openssl md5
(stdin)= d91144b76e2fa292e9aee71f10ac8b63

$ openssl rsa -noout -modulus -in example.key | openssl md5
(stdin)= a4773e7fa31e0bdc7edad15ee5412d3e

Note: Md5 hash are not matching

  • Checked bundle_chained.crt using following and figure out that it doesn’t look like my as I’ve specified Maharashtra ST and it is showing Arizona which is my CA.
$ openssl x509 -noout -text -in bundle_chained.crt


Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8d:a1:9d:55:8c:d8:as:45
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2
        Validity
            Not Before: Aug 20 11:54:25 2020 GMT
            Not After : Aug 19 10:00:10 2022 GMT
        Subject: OU = Domain Control Validated, CN = example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
....
.....

Note: Please note that it did showing CN correct as example.com in my case.


Thank you for your help. 🙂

source : nginx – SSL_CTX_use_PrivateKey_file(“/example.key”) failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch – Stack Overflow

Posted on: January 5, 2024, by :  | 30 views
https://serang.ut.ac.id/css/css/slot88/ https://tinjut.bagkeu.dikdasmen.kemdikbud.go.id/slot-maxwin/ https://dpm.polinema.ac.id/slot-gacor/ https://akademik.ft.unm.ac.id/slot-dana/ https://ppdb.probolinggokab.go.id/slot-5000/ https://bkad.sulselprov.go.id/assets/ https://ojs.balidwipa.ac.id/docs/slot-gacor/ http://korpri.pekalongankab.go.id/api/slot-gacor/ https://elang.umpp.ac.id/foto/farmasi/-/asset/ http://rsud-kelet.jatengprov.go.id/wp-content/-/asset/ https://kusdhianto-fe.staff.ugm.ac.id/slot88/ http://ppdb.probolinggokab.go.id/judi-bola/ https://bapenda.labuhanbatukab.go.id/racikan-sbobet/ http://rsud-kelet.jatengprov.go.id/wp-content/-/data/ https://agenda.riau.go.id/-/judi-bola/ https://balapan.padang.go.id/sbobet88/ http://jdih.wakatobikab.go.id/sbobet88/ http://kph.menlhk.go.id/sbobet88/ https://bkad.sulselprov.go.id/data/ https://dpm.polinema.ac.id/slot-gacor/ https://dinkes.jemberkab.go.id/storage/attachments/