If the private key has been created with a password (usually is); then the same password needs to be supplied using the -passin argument.
for ex: openssl rsa -noout -modulus -in server.key -passin pass:mypasswd | openssl md5 If the -passin argument is not used; it could be picking up a default passin password from the openssl.cnf file. Check the openssl.cnf for a default passin and make sure it matches the password you used to create the private key. --- ----- Original Message ----- From: "Mike K" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, December 18, 2001 2:32 PM Subject: Re: problems with private keys... please help! urgent! > It never asked me for a password.... > > > ----- Original Message ----- > From: "Saju Paul" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, December 18, 2001 10:23 AM > Subject: Re: problems with private keys... please help! urgent! > > > > > For domain1, I tried to check the md5's of each of the key and crt... > > > > > > The md5 for the crt shows up fine. When I try to get the md5 for the > > .key, > > > I get this error: > > > > > > # openssl rsa -noout -modulus -in server.key | openssl md5 > > > read RSA key > > > unable to load key > > > d41d8cd98f00b204e9800998ecf8427e > > > > I get this error when I use an incorrect password... check your > password.. > > > > > > ----- Original Message ----- > > From: "Mike K" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, December 18, 2001 1:31 PM > > Subject: problems with private keys... please help! urgent! > > > > > > > Hi all... > > > > > > Before upgrading, one of my virtual domains (ip based) had SSL setup and > > was > > > working fine. The second domain did not work. The error was odd > > according > > > to people in IRC support channels, and I was told to upgrade to all of > the > > > latest versions. > > > > > > I did that. > > > > > > Now when I try to run startssl, I get errors on BOTH virtual domains. > > > > > > The domain that had once worked produces these errors: > > > > > > [Mon Dec 17 16:41:46 2001] [error] mod_ssl: Init: (xxxxxxxxxxxx.com:443) > > > Unable to configure RSA server private key (OpenSSL library error > follows) > > > [Mon Dec 17 16:41:46 2001] [error] OpenSSL: error:0B080074:x509 > > certificate > > > routines:X509_check_private_key:key values mismatch > > > > > > The domain2, that I couldn't get to work before the upgrade, produces > > these > > > errors: > > > > > > [Mon Dec 17 16:45:43 2001] [error] mod_ssl: Init: Private key not found > > > (OpenSSL library error follows) > > > [Mon Dec 17 16:45:43 2001] [error] OpenSSL: error:0D06B078:asn1 encoding > > > routines:ASN1_get_object:header too long > > > > > > ----------------- > > > > > > For domain1, I tried to check the md5's of each of the key and crt... > > > > > > The md5 for the crt shows up fine. When I try to get the md5 for the > > .key, > > > I get this error: > > > > > > # openssl rsa -noout -modulus -in server.key | openssl md5 > > > read RSA key > > > unable to load key > > > d41d8cd98f00b204e9800998ecf8427e > > > > > > > > > I get this same "unable to load key" error for any key I try to get the > > md5 > > > checksum for.... > > > > > > > > > Any help in getting both of my virtual domain's (the two that need SSL) > > > working is greatly appreciated. > > > > > > Thanks. > > > > > > -Mike > > > > > > > > > PS: Here is the Virtual Server entry from httpd.conf for domain2... > > domain1 > > > has the exact same (but updated ip and paths) > > > > > > > > > NamevirtualHost xxx.xxx.xxx.44:443 > > > <VirtualHost xxx.xxx.xxx.44:443> > > > SSLEngine On > > > SSLCipherSuite > > > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > > > SSLCertificateKeyFile /www/conf/ssl.key/domain2_server.key > > > SSLCertificateFile /www/conf/ssl.crt/domain2.com.crt > > > DocumentRoot /home/hosting/domain2.com/public_html > > > ServerName domain2.com > > > CustomLog /www/logs/domain2.com combined > > > ErrorLog /www/logs/domain2_error_log > > > SetEnvIf User-Agent ".*MSIE.*" \ > > > nokeepalive ssl-unclean-shutdown \ > > > downgrade-1.0 force-response-1.0 > > > <Directory "/home/hosting/domain2.com/public_html/cgi-bin"> > > > SSLOptions +StdEnvVars > > > </Directory> > > > <Files ~ "\.(cgi|shtml|phtml|php3?|php|inc)$"> > > > SSLOptions +StdEnvVars > > > </Files> > > > </VirtualHost> > > > > > > ______________________________________________________________________ > > > OpenSSL Project http://www.openssl.org > > > User Support Mailing List [EMAIL PROTECTED] > > > Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
