SSL problem

password

password

Verified User
Joined
Oct 11, 2011
Messages
127
Hi there

I'm running a Debian box with DirectAdmin that i recently reinstalled. Earlier i have been running a PositiveSSL certificate from namecheap on one of the accounts without any problems.

When reinstalling the server this time, i decided to run DA over SSL as well so i followed the instructions here to create my own SSL certificate:
http://help.directadmin.com/item.php?id=15

That worked fine and DA is now running over SSL. However, when i know try to reissue my CA SSL certificate and install it (the way i have always done) on userlevel in DirectAdmin for the specific user i get this error:
Code: 
error using key: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

The certificate and key do not match. Please ensure you are using the correct key with this certificate
I suspect this has something to do with the fact that i created a new SSL certificate for DirectAdmin. Anyone that can give me some pointers on how to get my CA SSL working again?

Regards
password
 
Domain name for the Certificate you created manually?

Domain name for the domain you're trying to create now through the control panel?

At what point in the process do you see the error?

Are you reissuing at the user level of the admin user? From a user created under the admin's reseller level? Or from a user created under a different reseller?

Jeff
 
I'd rather not type my domainnames in this forum for several reasons but i do appreciate your help.

I'm installing the CA certificate on userlevel in DirectAdmin. I only have one user on this server and i'm doing it the exact same way i have done before. Last time this worked perfectly. I am following the guide explained on site-helper.com

The only thing i have done different this time is to activate DA over SSL. I did this by doing:

Code: 
/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9000 -nodes

and

Code: 
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

and then i set SSL=1 in DA config.

After doing this, i login on userlevel in DA to install my CA certificate. As soon as i paste my certificate in the 1st message box i get the error i pasted in my first post.

I thought i was getting this error since i created a new RSA key, but perhaps that's not the problem?
 
Unless you're either willing to post your answers to my questions, or hire me to work on your system, then I really can't be sure, but yes, if you created a new key in the location used by any previous Certificate, you most likely broke your old Certificate and will need to get it reissued.

Jeff
 
This has been resolved with the help of DA support.

I manually created a new CSR via SSH instead of using DA's web interface to reissue my CA cert. Now it works just fine!
 
You must log in or register to reply here.
Back
Top