On Sun, 2007-07-22 at 22:21 +0200, Ralph Angenendt wrote:
Gregory P. Ennis wrote:
[Sun Jul 22 13:04:32 2007] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Sun Jul 22 13:04:32 2007] [error] Unable to configure RSA server private key [Sun Jul 22 13:04:32 2007] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
The ssl errors were present on the old system so I was not too worried about those.
Your ServerName isn't the same as the one which is present in the certificate. SSL does not really like that. And it is good to be stricter about that.
I turned off selinux with out a change in symptoms.
Yes, as that error clearly hasn't anything to do with SELinux.
Anyone's ideas would sure be appreciated !!!
As that seems to be a selfsigned certificate: Create a new one with the server's fqdn in the Common Name filed (www.example.com, for example).
tinyca2 (which is available from the rpmforge repository) makes creation of new certificates really easy.
Also the "HOWTO" section on http://www.modssl.org/docs/2.8/ssl_howto.html has some information.
Cheers,
Ralph
Ralph,
Thanks for the suggestion to use tinyca2.... great utility!!!!! The link was also excellent.
Unfortunately, I am going to give up on a fix for the failure of httpd and do a repeat install. This is my 4th install of CentOS 5.0 and everything has worked perfectly before. I am sure it must be related to something I have done during my configuration setup, but I can not find the error for now.
Back to the Salt mines!!!
Greg