我正在尝试在我的网站上安装Comodo SSL证书,在我更改了default-ssl.conf文件后,apache无法启动。
这是我的default-ssl.conf文件:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@site.com
ServerName site.com
ServerAlias www.site.com
DocumentRoot /var/www/html/site/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateKeyFile /etc/ssl/private/site.key
SSLCertificateFile /etc/ssl/private/site_com.crt
SSLCertificateChainFile /etc/ssl/private/site.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/html/site/public">
AllowOverride all
Require all granted
Options Indexes FollowSymLinks MultiViews
Order allow,deny
allow from all
</Directory>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
我运行了两个检查,它们都是相同的值:
openssl x509 -noout -modulus -in /etc/ssl/private/site_com.crt | openssl md5
openssl rsa -noout -modulus -in /etc/ssl/private/site.key | openssl md5
我的Apache错误日志显示以下错误:
[Tue Dec 02 23:30:26.324586 2014] [ssl:emerg] [pid 3875] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[Tue Dec 02 23:30:26.324596 2014] [ssl:emerg] [pid 3875] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Tue Dec 02 23:32:59.190380 2014] [ssl:emerg] [pid 3959] AH02238: Unable to configure RSA server private key
最后,我的Comodo证书(在我的site.ca-bundle文件中)的顺序是这样的:
AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
site_com.crt
这是我第一次安装SSL证书,我真的不知道问题是什么。谢谢你的帮助!