[CentOS] httpd failed with a new install of 5.0

Ralph Angenendt ra+centos at br-online.de
Sun Jul 22 20:21:45 UTC 2007


Gregory P. Ennis wrote:
> [Sun Jul 22 13:04:32 2007] [warn] RSA server certificate CommonName (CN)
> `localhost.localdomain' does NOT match server name!?
> [Sun Jul 22 13:04:32 2007] [error] Unable to configure RSA server
> private key
> [Sun Jul 22 13:04:32 2007] [error] SSL Library Error: 185073780
> error:0B080074:x509 certificate routines:X509_check_private_key:key
> values mismatch
>
> The ssl errors were present on the old system so I was not too worried
> about those.  

Your ServerName isn't the same as the one which is present in the
certificate. SSL does not really like that. And it is good to be
stricter about that.

> I turned off selinux with out a change in symptoms.

Yes, as that error clearly hasn't anything to do with SELinux.

> Anyone's ideas would sure be appreciated !!!

As that seems to be a selfsigned certificate: Create a new one with the
server's fqdn in the Common Name filed (www.example.com, for example).

tinyca2 (which is available from the rpmforge repository) makes creation
of new certificates really easy.

Also the "HOWTO" section on
<http://www.modssl.org/docs/2.8/ssl_howto.html> has some information.

Cheers,

Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.centos.org/pipermail/centos/attachments/20070722/360b0fcd/attachment.bin


More information about the CentOS mailing list