SSL install aborted due to error: Modulus mismatch, key file does not match certificate.

mauinet

Well-Known Member
Mar 2, 2004
53
1
158
Maui
Hello, trying to renew an SSL cert from Comodo on WHM 11.36.1. Generated CSR and received CRT file from Comodo. When I paste in the first box under "Install A SSL Cert", it prefills the second two boxes and brings up the correct domain. When I submit, get the error, "SSL install aborted due to error: Modulus mismatch, key file does not match certificate."

I have checked other older key files for this domain on the server and find they are apparently duplicates.

I tried to manually install the new CSR and bundle but Apache won't restart. The error log shows:

[
Code:
Sat May 25 18:25:00 2013] [notice] SSL FIPS mode disabled
[Sat May 25 18:25:00 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat May 25 18:25:00 2013] [error] Unable to configure RSA server private key
[Sat May 25 18:25:00 2013] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_priva
te_key:key values mismatch
[Sat May 25 18:25:26 2013] [notice] SSL FIPS mode disabled
I am out of ideas how to fix this. All the other renewals installed without error.

RS
 

mauinet

Well-Known Member
Mar 2, 2004
53
1
158
Maui
Our install is now complete. We received these commands from Comodo to determine the modulus of the crt and key files which must match:
openssl rsa -noout -modulus -in mydomain.com.key | openssl md5
openssl x509 -noout -modulus -in mydomain.com.crt | openssl md5

If they do not match, search the server for another key file to test, "locate mydomain.com.key"
In our case, the key file was on another server that had previously hosted the domain.