Solved: Unable to configure RSA server private key

Better Stack Team

Updated on May 4, 2022

Problem

Unable to configure RSA server private key log message when running Apache.

Cause of the problem

This problem may occur if the private key and certificate do not match.

Solution

Compare the modulus of the certificate against the modulus of the private key to see if they match.

View the certificate modulus using the following command:

Copied!

openssl x509 -noout -text -in certfile -modulus

Then, view the key using the following command:

Copied!

openssl rsa -noout -text -in keyfile -modulus

Verify the following

Verify that the certificate and private key file are saved in the file and that it has no trailing spaces.
The modulus and public exponent portions in the key and the certificate must match exactly. (Make sure you aren't using the default server.key file)
Check the httpd.conf file to make sure that the directives are pointing to the correct private key and certificate.

If they don't match, reissue the certificate.

Got an article suggestion? Let us know

Explore more

How to list all available CA SSL certificates on Ubuntu?

To list all available CA SSL certificates run the following lines of code:

Solved: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

When you are accessing the HTTPS secured website a series of steps is taken in the background to ensure that the connection is safe and trusted. Some of these steps consist of checking certificates. If the browser does not believe that the connection would be secure it displays this error.

SSL Certificate Problem: Unable to get Local Issuer Certificate

If you get SSL certificate problem: unable to get local issuer certificate error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.

How to verify SSL certificates on the command line?

To validate an SSL certificate you can use one of the following approaches, depending on the type of the certificate.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Check Uptime, Ping, Ports, SSL and more.

Get Slack, SMS and phone incident alerts.

Easy on-call duty scheduling.

Create free status page on your domain.

Start monitoring

We are hiring.

Software is our way of making the world a tiny bit better. We build tools for the makers of tomorrow.

Join the Better Stack team

Help us in making the internet more reliable.

Become a contributor

Help us with developer education and get paid.

Explore all positions →

Reliability is the
ultimate feature

Delightful observability tools that turn your logs & monitoring into a secret weapon for shipping better software faster.

Explore Better Stack