Certificate Error

Maxim Dounin mdounin at mdounin.ru
Thu Dec 15 04:32:00 UTC 2022


Hello!

On Wed, Dec 14, 2022 at 10:02:04PM -0500, Software Info wrote:

> Hi All,
> I would really appreciate some help with this sticky problem. I am
> using nginx as a reverse proxy. I have version 1.20.1 running on
> FreeBSD 13.1. Today I set up for a new domain. I got a wildcard
> certificate for mydomain.com from GoDaddy. I put the paths in
> nginx.conf but when I run nginx -t
> I get the following error: nginx:
> [emerg] SSL_CTX_use_PrivateKey("/usr/local/etc/nginx/ssl/domain.com.key")
> failed (SSL: error:0B080074:x509 certificate
> routines:X509_check_private_key:key values mismatch)
> nginx: configuration file /usr/local/etc/nginx /nginx.conf test failed
> 
> When I ran the test below to check the Public and Private keys, I get
> back the same checksum so I guess the Certs must be ok.
> # openssl rsa -modulus -in domain.com.key -noout | md5sum
> # openssl x509 -modulus -in domain.com.crt -noout | md5sum
> 
> This is the relevant section in my nginx.conf

[...]

>          ssl_certificate ssl/gd_bundle-g2-g1.crt;
>          ssl_certificate_key ssl/domain.com.key;

You are "gd_bundle-g2-g1.crt" instead of "domain.com.crt", this 
looks like the culprit.

See 

http://nginx.org/en/docs/http/configuring_https_servers.html

for some basic tips about configuring HTTPS servers.

[...]

>          ssl_trusted_certificate ssl/domain.com.crt;

And this also looks incorrect.

Hope this helps.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list