[CentOS] httpd failed with a new install of 5.0
Gregory P. Ennis
PoMec at PoMec.Net
Sun Jul 22 21:12:42 UTC 2007
On Sun, 2007-07-22 at 22:21 +0200, Ralph Angenendt wrote:
> Gregory P. Ennis wrote:
> > [Sun Jul 22 13:04:32 2007] [warn] RSA server certificate CommonName (CN)
> > `localhost.localdomain' does NOT match server name!?
> > [Sun Jul 22 13:04:32 2007] [error] Unable to configure RSA server
> > private key
> > [Sun Jul 22 13:04:32 2007] [error] SSL Library Error: 185073780
> > error:0B080074:x509 certificate routines:X509_check_private_key:key
> > values mismatch
> >
> > The ssl errors were present on the old system so I was not too worried
> > about those.
>
> Your ServerName isn't the same as the one which is present in the
> certificate. SSL does not really like that. And it is good to be
> stricter about that.
>
> > I turned off selinux with out a change in symptoms.
>
> Yes, as that error clearly hasn't anything to do with SELinux.
>
> > Anyone's ideas would sure be appreciated !!!
>
> As that seems to be a selfsigned certificate: Create a new one with the
> server's fqdn in the Common Name filed (www.example.com, for example).
>
> tinyca2 (which is available from the rpmforge repository) makes creation
> of new certificates really easy.
>
> Also the "HOWTO" section on
> <http://www.modssl.org/docs/2.8/ssl_howto.html> has some information.
>
> Cheers,
>
> Ralph
Ralph,
Thanks for the suggestion to use tinyca2.... great utility!!!!! The
link was also excellent.
Unfortunately, I am going to give up on a fix for the failure of httpd
and do a repeat install. This is my 4th install of CentOS 5.0 and
everything has worked perfectly before. I am sure it must be related to
something I have done during my configuration setup, but I can not find
the error for now.
Back to the Salt mines!!!
Greg
More information about the CentOS
mailing list