SSL Cert Error - Need help with LiteSpeed Error MSG

Discussion in 'Install/Configuration' started by malffred, Jun 19, 2007.

  1. malffred

    malffred Active Member

    I know this is most likely not related to LiteSpeed, but I thought maybe someone could give me a little more insight on the error message.

    I just got a regular godaddy cert and I'm setting up a listener. I get it all setup and configured, restart LiteSpeed but get the following error:

    [SSL] Config SSL Context for listener *:443 with Certificate File: <path_to_ssl>/gd_intermediate.crt and Key File:<path_to_ssl>/sugardev.key get SSL error: error:0906406D:pEM routines:DEF_CALLBACK:problems getting password

    Any idea what this means? I've rekeyed the SSL cert one today already in the GoDaddy interface. Should I make a new .csr and .key and rekey with GoDaddy again? I can only rekey the cert twice. Thanks for any suggestions.
  2. mistwang

    mistwang LiteSpeed Staff

    You need to remove the password protection of your private key first.
  3. malffred

    malffred Active Member


    Thanks for the reply. You know I actually tried that the first time, but it wouldn't let me enter a blank passphrase when creating the key file. Looks like this:

    sugardev@dev:~/ssl$ openssl genrsa -des3 -out sugardev.key 1024
    Generating RSA private key, 1024 bit long modulus
    e is 65537 (0x10001)
    Enter pass phrase for sugardev.key:
    16484:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must type in 4 to 8191 characters
    Is my syntax wrong? How do I gen a key without one? (I think I have before, so this error is new to me).
  4. mistwang

    mistwang LiteSpeed Staff

  5. malffred

    malffred Active Member

    Thanks, I did as the instructions said. Now I get this:

    [SSL] Config SSL Context for listener *:443 with Certificate File: /home/sugardev/ssl/gd_cross_intermediate.crt and Key File:/home/sugardev/ssl/ get SSL error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
    I then started over, created a new key (no passphrase), new csr. Rekeyed the SSL cert with the new CSR and downloaded the new certs from Godaddy. Restarted LiteSpeed but get the same error. Am I screwed now?
  6. mistwang

    mistwang LiteSpeed Staff

    You should just remove the password of your old private key, a new private key will not match the certificate created for the old key, they won't match.

Share This Page