The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

https problem....

Discussion in 'General Discussion' started by vishal, Sep 1, 2003.

  1. vishal

    vishal Well-Known Member

    Joined:
    Jan 28, 2003
    Messages:
    340
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    Hello All,

    https is not working on my server. Perviously it was. How do I check if the SSL certificate on my server is expired or not?

    Please reply...

    Thank you,

    cPanel.net Support Ticket Number:
     
  2. vishal

    vishal Well-Known Member

    Joined:
    Jan 28, 2003
    Messages:
    340
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    Hello All,

    I could see following error in my error_log file....

    [Mon Sep 1 17:14:44 2003] [error] mod_ssl: Init: Private key not found (OpenSSL library error follows)
    [Mon Sep 1 17:14:44 2003] [error] OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long
    [Mon Sep 1 17:14:52 2003] [error] mod_ssl: Init: Private key not found (OpenSSL library error follows)
    [Mon Sep 1 17:14:52 2003] [error] OpenSSL: error:0D06B078:asn1 encoding routines:ASN1_get_object:header too long

    What does this mean?

    Thank you,

    cPanel.net Support Ticket Number:
     
  3. vishal

    vishal Well-Known Member

    Joined:
    Jan 28, 2003
    Messages:
    340
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    anyone?

    cPanel.net Support Ticket Number:
     
  4. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Is there a .key file in your /usr/share/ssl/private directory?

    cPanel.net Support Ticket Number:
     
  5. vishal

    vishal Well-Known Member

    Joined:
    Jan 28, 2003
    Messages:
    340
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    Yes I have .keyu files for the domains i have installed the SSL certificates. they are in numbers and not just one. likewise
    domain1.com.key
    domain2.com.key
    www.domain3.com.key
    www.domain4.com.key

    and so on....

    How do i check if the certificates or the private key is corrupted so that i can remove it and also how do i re-install a certificate on a domain ? do i have something like Reset or Regen certificate for a domain.

    Thank you,

    cPanel.net Support Ticket Number:
     
  6. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    If you have backups of the .key file and the files in /usr/share/ssl/certs from when it did work, you can just upload the backups. If not, I had to reinstall one recently and I just generated a new signing request and went to my Comodo account and requested a replacement certificate. I don't know how other SSL providers work.

    As far as the certificate being expired, if you go to https://yoursecuresite, it should still work, but give you a popup warning of the certificate being expired. If the site doesn't work at all, it's likely not due to an expired certificate.

    Maybe take a look at the
    <IfDefine SSL>
    ......
    ......
    </IfDefine SSL>
    entry in the httpd.conf file. Cpanel has occasionally made unwanted changes to that file.

    cPanel.net Support Ticket Number:
     
  7. vishal

    vishal Well-Known Member

    Joined:
    Jan 28, 2003
    Messages:
    340
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    I think i have the SSL certificates installed well and the
    <IfDefine SSL>
    ......
    ......
    </IfDefine SSL>
    is also ok.

    The Problem is when i do /etc/rc.d/init.d/httpd startssl

    Apache:mod_ssl:Error: Private key not found.
    **Stopped
    /etc/rc.d/init.d/httpd start: httpd could not be started

    This error occurs ! Which seems that it has got a entry for a Private key Which cannot be found but which Private Key that i am not sure i have checked for the *.key file in /usr/share/ssl/private and they are only 4 and rest are older ones.
    Any help ?

    cPanel.net Support Ticket Number:
     
  8. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Any chance that there are more SSL entries in the conf file than keys in the directory? That would mean a missing .key file.

    Since there is more than 1 .key file, you could test them to see if one is bad by renaming them, one at a time, to domain.key.bak and see if apache will start. If it does, you found the bad .key file.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page