Godaddy wildcard certs...

Michael Shadle mike503 at
Sat Feb 6 04:15:06 MSK 2010

I'm trying to use a wildcard godaddy cert and having some issues. Once
I changed the openssl CSR request to have "*" instead of
"" now I get an error when trying to start nginx:

[emerg]: SSL_CTX_use_PrivateKey_file("/etc/nginx/certs/")
failed (SSL: error:0B080074:x509 certificate
routines:X509_check_private_key:key values mismatch)

Can anyone help?

Here's the commands...

# openssl genrsa 2048 >
Generating RSA private key, 2048 bit long modulus
e is 65537 (0x10001)

# openssl req -new -key >
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:.
Locality Name (eg, city) [Newbury]:.
Organization Name (eg, company) [My Company Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, your name or your server's hostname) []:*
Email Address []:my at

concatenating them all together:

# cat gd_bundle.crt >

I tried a random hostname... Firefox tells me this: uses an invalid security certificate.

The certificate is only valid for the following names: ,

(Error code: ssl_error_bad_cert_domain)

this is my config:

server {
   listen 80;
   listen ssl;
   server_name *;
   root /home/redirects/web/redirects/domain;
   index index.php;
   location ~ \.php$ {
      include /etc/nginx/fastcgi.conf;
   ssl_certificate /etc/nginx/certs/;
   ssl_certificate_key /etc/nginx/certs/;
   ssl_protocols SSLv3 TLSv1;
   ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
   rewrite ^ /index.php?url=$host last;

More information about the nginx mailing list