nginx SSL problem for ca-bundle
Igor Sysoev
igor at sysoev.ru
Wed Jun 16 10:13:44 MSD 2010
On Wed, Jun 16, 2010 at 09:19:30AM +0530, karthi r wrote:
> Hi nginx team,
>
> we running nginx + ssl certificate
>
> i configure domain.ca-bundle in nginx
>
> cat domain.ca-bunde >> domainname.crt
>
>
> and configure
>
> ssl_certificate /opt/ssl/domain_com.crt;
> ssl_certificate_key /opt/ssl.key/domain_com.key;
>
> when i restart nginx server following below error displayed.
>
> SSL_CTX_use_PrivateKey_file("../domain com.key") failed (SSL:
> error:0B080074:x509 certificate routines:X509_check_private_key:key values
> mismatch)
>
>
> how to resolve this issue..
http://nginx.org/en/docs/http/configuring_https_servers.html#chains
$ cat www.nginx.com.crt bundle.crt > www.nginx.com.chained.crt
...
If the server certificate and the bundle have been concatenated in the
wrong order, nginx will fail to start and will display the error message:
SSL_CTX_use_PrivateKey_file(" ... /www.nginx.com.key") failed
(SSL: error:0B080074:x509 certificate routines:
X509_check_private_key:key values mismatch)
because nginx has tried to use the private key with the bundle’s first
certificate instead of the server certificate.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list