SSL Cert Error - Need help with LiteSpeed Error MSG

[malffred]

I know this is most likely not related to LiteSpeed, but I thought maybe someone could give me a little more insight on the error message.

I just got a regular godaddy cert and I'm setting up a listener. I get it all setup and configured, restart LiteSpeed but get the following error:

[SSL] Config SSL Context for listener *:443 with Certificate File: <path_to_ssl>/gd_intermediate.crt and Key File:<path_to_ssl>/sugardev.key get SSL error: error:0906406D:PEM routinesEF_CALLBACKroblems getting password

Any idea what this means? I've rekeyed the SSL cert one today already in the GoDaddy interface. Should I make a new .csr and .key and rekey with GoDaddy again? I can only rekey the cert twice. Thanks for any suggestions.

[mistwang]

You need to remove the password protection of your private key first.

[malffred]

mistwang,

Thanks for the reply. You know I actually tried that the first time, but it wouldn't let me enter a blank passphrase when creating the key file. Looks like this:

Code:

sugardev@dev:~/ssl$ openssl genrsa -des3 -out sugardev.key 1024
Generating RSA private key, 1024 bit long modulus
..............................++++++
............++++++
e is 65537 (0x10001)
Enter pass phrase for sugardev.key:
16484:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must type in 4 to 8191 characters

Is my syntax wrong? How do I gen a key without one? (I think I have before, so this error is new to me).

[mistwang]

http://www.litespeedtech.com/support...sl_private_key

[malffred]

Quote:

Originally Posted by mistwang

http://www.litespeedtech.com/support...sl_private_key

Thanks, I did as the instructions said. Now I get this:

Code:

[SSL] Config SSL Context for listener *:443 with Certificate File: /home/sugardev/ssl/gd_cross_intermediate.crt and Key File:/home/sugardev/ssl/dev.sugarstats.com.key get SSL error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

I then started over, created a new key (no passphrase), new csr. Rekeyed the SSL cert with the new CSR and downloaded the new certs from Godaddy. Restarted LiteSpeed but get the same error. Am I screwed now?

[mistwang]

You should just remove the password of your old private key, a new private key will not match the certificate created for the old key, they won't match.