apache2无法启动导致ssl:"无法配置加密(?)私钥"

时间:2017-03-31 13:02:45

标签: apache ssl https apache2 lets-encrypt

我刚刚创建了一个ssl证书:http://www.tecchannel.de/a/owncloud-9-unter-ubuntu-server-16-04-lts-installieren,3277807,2

现在如果我启动apache我没有错误,但是服务apache2状态我收到错误,错误日志:

[Fri Mar 31 14:55:59.639400 2017] [ssl:error] [pid 21071] AH02579: Init: Private key not found
[Fri Mar 31 14:55:59.639479 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Mar 31 14:55:59.639494 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Fri Mar 31 14:55:59.639504 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Mar 31 14:55:59.639515 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Fri Mar 31 14:55:59.639526 2017] [ssl:error] [pid 21071] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Fri Mar 31 14:55:59.639536 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Mar 31 14:55:59.639547 2017] [ssl:error] [pid 21071] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Fri Mar 31 14:55:59.639553 2017] [ssl:emerg] [pid 21071] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Fri Mar 31 14:55:59.639558 2017] [ssl:emerg] [pid 21071] AH02564: Failed to configure encrypted (?) private key localhost:443:0, check /etc/apache2/ssl/apache.crt
AH00016: Configuration Failed

但是错了什么? /etc/apache2/ssl/apache.crt中的文件当然存在...以及为什么"未找到私钥" ? apache.key也存在。

任何帮助? :(

2 个答案:

答案 0 :(得分:0)

我认为您应该重新检查配置步骤。创建.key文件后,您必须提供适当的权限,以便root用户可以读写。

按照以下链接解决您的问题。

https://www.howtoforge.com/how-to-set-up-an-ssl-vhost-under-apache2-on-ubuntu-9.10-debian-lenny

答案 1 :(得分:0)

在生成CRS请求时,它会生成2个文件

  • example.csr
  • example.key->您需要将此文件包含在SSL配置中。
  

确保已将密钥文件包含在ssl配置中。

Key file should look like :
-----BEGIN PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END PRIVATE KEY-----
相关问题
最新问题