我正在将我的网站移动到另一台服务器上,在移动SSL密钥并certificate并重新创build相同的Apacheconfiguration之后,在Apache服务器重新启动(域匿名化)时,在错误日志中遇到以下情况:
[Sun May 24 22:21:05.579373 2015] [ssl:emerg] [pid 9777] AH02561: Failed to configure certificate 127.0.0.1:443:0, check /etc/ssl/certs/example.com.crt [Sun May 24 22:21:05.579407 2015] [ssl:emerg] [pid 9777] SSL Library Error: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib AH00016: Configuration Failed 它也阻止了对80和443的访问。 我已经validation了这些文件位于正确的位置,并且所有内容(至lessSSL)都被configuration为与旧服务器上的相同。 我在这里错过了什么?
这是来自sites-available / default-ssl.conf(域名匿名)的片段:
SSLCertificateFile /etc/ssl/certs/example.com.crt SSLCertificateKeyFile /etc/ssl/private/example.com.key SSLCertificateChainFile /etc/ssl/certs/bundle.crt
新的服务器规格:Debian 8(旧的有Debian 7),股票Apache 2.4.10。
更多的潜在线索:
# openssl x509 -noout -modulus -in /etc/ssl/certs/example.com.crt | openssl md5 unable to load certificate (stdin)= d41d8cd98f00b204e9800998ecf8427e # openssl x509 -noout -modulus -in /etc/ssl/private/example.com.key | openssl md5 unable to load certificate 140331629921936:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE (stdin)= d41d8cd98f00b204e9800998ecf8427e # file /etc/ssl/private/example.com.key /etc/ssl/private/example.com.key: PEM RSA private key # file /etc/ssl/certs/example.com.crt /etc/ssl/certs/example.com.crt: PEM certificate